VUMTdeluxe[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

VUMTdeluxe.dll
Size

6.8MB
MD5

835e4a598021bfb7bb4c65c40e486aa6
SHA1

3243925cf85be37a1aa54732d396f61089281c6c
SHA256

5753631ef968ef3d45347950e0dcc5a004a083f792f6f2d20466fdcdab266dfe
SHA512

2e6cedb013cb28c195307a068536cc06368d0710e41da0eced65dd24a0f4f5bd308757393485b6e00f4dd131e5a09ee728b3f9be4a906d918076a1010edcbbd3
SSDEEP

196608:d614FvVQbQHCJHsvgGePUBB26UBBBBfHP:ds41VQbbJII

Score

1^/10

Malware Config

Signatures

Files

VUMTdeluxe.dll
.dll windows:6 windows x64 arch:x64

68498f4c85115648c1ea0bdb58a9a007

Code Sign

ae:b9:14:c3:5d:40:4d:80:c0:b6:97:bc:eb:18:f7:92
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14-10-2019 00:00

Not After

13-10-2022 23:59

Subject

CN=Klanghelm,O=Klanghelm,POSTALCODE=15569,STREET=Heidelberger Str. 3,L=Woltersdorf,ST=Brandenburg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:c4:80:99:1a:3a:86:b6:40:d9:25:ca:65:c6:ef:a7:e3:85:a6:15:9d:be:0a:7e:84:f9:06:e1:d5:ef:77:69
Signer

Actual PE Digest

29:c4:80:99:1a:3a:86:b6:40:d9:25:ca:65:c6:ef:a7:e3:85:a6:15:9d:be:0a:7e:84:f9:06:e1:d5:ef:77:69

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesExW
OutputDebugStringW
SetEvent
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
ReplaceFileW
DeleteCriticalSection
ExitProcess
GetModuleHandleW
FreeLibrary
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
AttachConsole
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FormatMessageW
HeapReAlloc
HeapAlloc
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetLastError
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
LCMapStringEx
MultiByteToWideChar
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
WideCharToMultiByte
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
WriteConsoleW
GetLastError
Sleep
CreateEventW
SetFileAttributesW
GetLogicalDriveStringsW
DisconnectNamedPipe
GetModuleHandleA
UnmapViewOfFile
GetSystemDirectoryW
ReleaseMutex
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
SetEndOfFile
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
WaitForMultipleObjects
GetModuleFileNameW
RemoveDirectoryW
TerminateProcess
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
SetThreadAffinityMask
CreateDirectoryW
GetThreadPriority
GetCurrentThread
HeapFree
GetCurrentThreadId

user32

AttachThreadInput
GetWindowRect
GetWindowThreadProcessId
ReleaseDC
GetDC
GetWindowTextW
TranslateMessage
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
UnregisterClassW
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetMessageW
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
InvalidateRect
PostMessageA
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetWindowsHookExW
SetCapture
DestroyCaret
LoadCursorW
FindWindowW
LoadIconW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
SetWindowPos
CallNextHookEx
GetSystemMetrics
GetClassNameA
SetWindowsHookExA
UnhookWindowsHookEx
GetAncestor
GetWindowLongW
SetForegroundWindow
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
FindWindowExW
IsWindowVisible
MessageBoxW
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
EndDialog
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
GetKeyboardState
SetCaretPos
GetActiveWindow
ShowWindow
IsWindow
GetAsyncKeyState
OpenClipboard
GetCapture
RedrawWindow
DestroyIcon
GetSystemMenu

gdi32

ChoosePixelFormat
SwapBuffers
SetPixelFormat
SaveDC
CreateDIBSection
StretchDIBits
CreateRectRgnIndirect
CreateRectRgn
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
CreateBitmap
CombineRgn
AddFontMemResourceEx
SelectObject
GetKerningPairsW
CreateCompatibleDC
EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

SHGetSpecialFolderPathW
DragQueryFileW
SHCreateShellItem
SHGetMalloc
ExtractAssociatedIconW
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteW

ole32

CoInitializeEx
RegisterDragDrop
DoDragDrop
RevokeDragDrop
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy

wininet

HttpEndRequestW
InternetConnectW
InternetSetOptionW
InternetReadFile
HttpSendRequestExW
InternetCloseHandle
InternetCrackUrlW
InternetSetFilePointer
HttpOpenRequestW
InternetWriteFile
FtpOpenFileW
InternetOpenW
HttpQueryInfoW

ws2_32

accept
__WSAFDIsSet
setsockopt
ioctlsocket
sendto
freeaddrinfo
htons
htonl
getsockopt
recv
inet_ntoa
send
inet_addr
WSAStartup
getaddrinfo
select
closesocket
bind

shlwapi

ord172
PathStripToRootW

winmm

timeBeginPeriod
timeKillEvent
timeGetTime

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

opengl32

glLightf
glGetError
glGetPixelMapfv
glVertex3iv
glDrawBuffer
glRasterPos3iv
glEvalCoord1fv
glColor4iv
glOrtho
glLightiv
glTexCoord3i
glLightModeli
glGetString
glTexCoord4s
glTexSubImage2D
glLighti
glEvalCoord1dv
glTexCoord4d
glTexCoord2i
glDepthFunc
glPushAttrib
glGetIntegerv
glPolygonStipple
glClearStencil
glLogicOp
glPixelMapusv
glEndList
glPixelStorei
glColor4usv
glGetLightiv
glShadeModel
glTexCoord1fv
glPrioritizeTextures
glCopyTexImage2D
glNormalPointer
glTexCoord1d
glGetFloatv
glRasterPos4dv
glIndexsv
glDeleteLists
wglMakeCurrent
glTexEnviv
glMaterialfv
glFogiv
glTexCoord1iv
glAreTexturesResident
glPushMatrix
glIsTexture
glPopName
glLightfv
glDisable
glEvalMesh2
glMultMatrixf
glGetTexGendv
glRasterPos4i
glColor4f
glClearDepth
glIndexs
glScalef
glRectf
glDrawElements
glGetTexParameteriv
glGetTexImage
glVertex2d
glTexCoord1s
glCopyTexImage1D
glGetClipPlane
glScaled
glColor3d
glListBase
glTexEnvi
glColorMaterial
glColor3ubv
glColorPointer
glColor4ub
glTexCoord1i
glColor3bv
glVertex3d
glFlush
glRasterPos3dv
glNormal3s
glBitmap
glFogi
glRasterPos3d
glClearIndex
glRasterPos2i
glIsEnabled
glRasterPos4d
glRotatef
glRasterPos2sv
glArrayElement
glTexGeni
glTexCoord3d
glPointSize
glColor3fv
glNormal3fv
glGetTexParameterfv
glMaterialf
glClearAccum
glRects
glPopMatrix
glEvalCoord2fv
glColor4i
glLightModeliv
glViewport
glTexImage1D
glDepthRange
glEdgeFlagv
glEnableClientState
glVertex4dv
glRecti
glColor3dv
glStencilOp
glNormal3sv
glVertex4sv
glIndexiv
glTexCoord3fv
glRasterPos3s
glInterleavedArrays
glClear
glEvalPoint2
glColor3uiv
glColor3ui
glIndexd
glVertex3i
glColor3s
glVertex2dv
glCopyPixels
glTexCoord3s
glPolygonOffset
glVertex2iv
wglShareLists
glTexSubImage1D
glLoadMatrixd
glIsList
glTexCoord2iv
glTexEnvf
glPixelTransferf
glTexCoord4fv
glRasterPos3fv
glGetTexLevelParameterfv
glMap1f
glNewList
glPopAttrib
glNormal3bv
glPolygonMode
glRotated
glTexGenf
wglGetCurrentContext
glColor3usv
glNormal3b
glPixelTransferi
glRasterPos3f
glRectfv
glBindTexture
glGetPointerv
glGenTextures
glNormal3dv
glColor4d
glRasterPos4iv
glVertexPointer
glGetMapiv
glEnable
glVertex3f
glIndexubv
glTexCoord3iv
glCullFace
glDepthMask
glPopClientAttrib
glRasterPos2d
glMapGrid1f
glGetLightfv
glLoadMatrixf
glTexGend
glTexCoord2d
glVertex3sv
glMapGrid2d
glEnd
glVertex4f
glPassThrough
glColor4s
glEdgeFlagPointer
glMaterialiv
glColor4ui
glVertex4d
glScissor
glFogf
glTexParameterfv
glTexCoord2dv
glSelectBuffer
glRasterPos3sv
glAccum
glGetMapfv
glTexCoord4dv
glTexCoord3sv
glCallList
glFogfv
glVertex2sv
glFrustum
glVertex3s
glCopyTexSubImage2D
glColor4bv
glRasterPos2dv
glTexCoord2f
glColor4uiv
glGetTexLevelParameteriv
glVertex4iv
glEvalPoint1
glDisableClientState
glGetTexGeniv
glColor4dv
glMateriali
glCopyTexSubImage1D
glRasterPos2iv
glGenLists
glMatrixMode
glTexCoord1f
glMapGrid1d
glTexCoord2fv
glEvalCoord2f
glTexGenfv
glTranslated
glVertex4fv
glRasterPos3i
glVertex3dv
glRasterPos4sv
glDrawPixels
glCallLists
glFrontFace
glIndexub
glTexGendv
glVertex2fv
glEvalCoord2dv
glTexCoord4iv
glLineWidth
glColor4sv
glColor3f
glNormal3f
glIndexfv
glRasterPos4s
glStencilFunc
glColor3i
glLineStipple
glTexCoord2sv
glBlendFunc
glReadPixels
wglCreateContext
glColorMask
glTexCoord4sv
glMap1d
glTexCoord3dv
glInitNames
glMapGrid2f
glRasterPos4f
glGetMaterialiv
glIndexdv
glLoadIdentity
glColor3iv
glEdgeFlag
glRasterPos4fv
glRasterPos2s
glMultMatrixd
glStencilMask
glIndexPointer
wglGetProcAddress
glVertex3fv
glLoadName
glTexGeniv
glLightModelf
glRectiv
glPixelMapfv
glTexParameteri
glNormal3iv
glTexEnvfv
glVertex4s
glRenderMode
glFinish
glEvalCoord1d
glMap2f
glColor4ubv
glColor4fv
glDeleteTextures
glGetPolygonStipple
glGetTexEnvfv
glTexCoord2s
glTexCoord4f
glRectd
glVertex4i
glTexCoord3f
glPushClientAttrib
glHint
glReadBuffer
glTexCoord1sv
glAlphaFunc
glBegin
glRectsv
glTexCoordPointer
glColor3sv
glClipPlane
glIndexf
glIndexi
glPixelStoref
glPixelZoom
glNormal3d
glVertex2s
glGetTexEnviv
glClearColor
glLightModelfv
glVertex2i
glGetMapdv
glRasterPos2fv
glColor3ub
glGetBooleanv
glTexCoord1dv
glMap2d
glDrawArrays
glColor3b
wglDeleteContext
glNormal3i
glGetPixelMapuiv
glColor4us
glGetTexGenfv
glEvalCoord1f
glGetDoublev
glEvalCoord2d
glTexParameterf
glPushName
glTranslatef
glRectdv
glGetMaterialfv
glTexImage2D
glVertex2f
glPixelMapuiv
glEvalMesh1
glFeedbackBuffer
glTexParameteriv
glTexCoord4i
glIndexMask
glGetPixelMapusv
glColor3us
glRasterPos2f
glColor4b

Exports

Exports

VSTPluginMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68498f4c85115648c1ea0bdb58a9a007

Code Sign

ae:b9:14:c3:5d:40:4d:80:c0:b6:97:bc:eb:18:f7:92Certificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

29:c4:80:99:1a:3a:86:b6:40:d9:25:ca:65:c6:ef:a7:e3:85:a6:15:9d:be:0a:7e:84:f9:06:e1:d5:ef:77:69Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

wininet

ws2_32

shlwapi

winmm

imm32

opengl32

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 3.3MB - Virtual size: 3.3MB

.data Size: 76KB - Virtual size: 115KB

.pdata Size: 143KB - Virtual size: 142KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 47KB - Virtual size: 46KB

.reloc Size: 44KB - Virtual size: 44KB

ae:b9:14:c3:5d:40:4d:80:c0:b6:97:bc:eb:18:f7:92
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

29:c4:80:99:1a:3a:86:b6:40:d9:25:ca:65:c6:ef:a7:e3:85:a6:15:9d:be:0a:7e:84:f9:06:e1:d5:ef:77:69
Signer

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 3.3MB - Virtual size: 3.3MB

.data
Size: 76KB - Virtual size: 115KB

.pdata
Size: 143KB - Virtual size: 142KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 47KB - Virtual size: 46KB

.reloc
Size: 44KB - Virtual size: 44KB