a74773096e1cd535a4c19b4eca530267500304f79b4bfa3ea1c8e4199728244e

Sharing

Copy URL Twitter E-mail

General

Target

a74773096e1cd535a4c19b4eca530267500304f79b4bfa3ea1c8e4199728244e
Size

2.7MB
MD5

7502681ef2baac4dd0a9ab2836d34cd8
SHA1

7b7bd9061a9c9f0d4c927ffbcffa14da46d8c099
SHA256

a74773096e1cd535a4c19b4eca530267500304f79b4bfa3ea1c8e4199728244e
SHA512

04fea8f1c48e5e398b8c10f1f207743620e10f4b6c05bec3802521852a025c6904e1b0189e08aae9a3fb1d95a26beae8abc669322d9aec5adc72a7bdb3a2de0f
SSDEEP

49152:hXLsb7kt0cCyHQPKLC/9vBeE98Sj/ksCfTBr1HO+jpUTskRz:YXtXksCfTBr1HO1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a74773096e1cd535a4c19b4eca530267500304f79b4bfa3ea1c8e4199728244e

Files

a74773096e1cd535a4c19b4eca530267500304f79b4bfa3ea1c8e4199728244e
.dll windows:6 windows x64 arch:x64

f29618eb8cc6d46e0a85f8ede9af0658

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shell32

DragQueryFileW
SHGetFolderPathA
ShellExecuteA

gdiplus

GdipSetPathFillMode
GdipSetPenDashArray
GdipAddPathRectangle
GdipGetDpiY
GdipGetImageGraphicsContext
GdipCreateLineBrush
GdipSetPenLineCap197819
GdipSetSmoothingMode
GdipClosePathFigure
GdipGetFamily
GdipAddPathBezier
GdipDrawPolygon
GdipDeleteFontFamily
GdipBitmapUnlockBits
GdipCreateSolidFill
GdipDisposeImageAttributes
GdipSetPenDashOffset
GdipSaveGraphics
GdipSetPenColor
GdipAlloc
GdipCreateMatrix2
GdipDisposeImage
GdipAddPathEllipse
GdipAddPathLine
GdipSetPenWidth
GdipCreateFont
GdipGetFontSize
GdipSetPageUnit
GdipDeletePath
GdipTransformPath
GdipClonePath
GdipGetGenericFontFamilySansSerif
GdipCreateImageAttributes
GdipDrawRectangle
GdipGetCellDescent
GdipDrawString
GdipGetLineSpacing
GdipTranslateWorldTransform
GdipFillRectangle
GdipCreateHBITMAPFromBitmap
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipSetSolidFillColor
GdipDrawLine
GdipFillPath
GdipGetPathLastPoint
GdipDeleteMatrix
GdipGetCellAscent
GdipSetInterpolationMode
GdipBitmapLockBits
GdipRestoreGraphics
GdipCreateBitmapFromResource
GdipCloneImage
GdipFillEllipse
GdipSetPenDashStyle
GdipCreatePath
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetPathWorldBounds
GdipDeleteFont
GdipDrawPath
GdipGetFontHeightGivenDPI
GdipSetTextRenderingHint
GdipSetClipRect
GdipStartPathFigure
GdipMeasureString
GdipAddPathArc
GdipDrawEllipse
GdipFillPolygon
GdipGetEmHeight
GdipDrawImageRectRectI
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromStreamICM
GdipCloneBrush
GdipCreateFromHWND
GdipSetLineBlend
GdiplusStartup
GdipCreatePen1
GdipSetPixelOffsetMode
GdipGetImageWidth
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipDeletePen
GdipSetPenLineJoin

opengl32

wglDeleteContext
wglMakeCurrent
wglGetCurrentContext
wglCreateContext

kernel32

GetCurrentProcess
GetModuleHandleA
DeviceIoControl
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
FormatMessageA
LocalFree
ResetEvent
OpenEventA
SetEndOfFile
SetEnvironmentVariableA
WriteConsoleW
OutputDebugStringW
SetStdHandle
SetFilePointer
ReadConsoleW
CreateFileW
LoadLibraryExW
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetProcessHeap
GetModuleFileNameW
WriteFile
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetSystemTimeAsFileTime
CreateEventA
CloseHandle
WaitForSingleObject
SetEvent
GetTickCount
GetCurrentThreadId
FindResourceA
FreeLibrary
LoadResource
GlobalSize
GlobalLock
InitializeCriticalSection
GlobalAlloc
WideCharToMultiByte
SizeofResource
GetVersionExW
LeaveCriticalSection
MultiByteToWideChar
GlobalUnlock
GetProcAddress
EnterCriticalSection
GlobalFree
LoadLibraryA
LockResource
DeleteCriticalSection
GetStdHandle
GetFileType
GetLastError
GetVersion
GetModuleHandleW
FlushConsoleInputBuffer
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryW
EncodePointer
DecodePointer
Sleep
GetStringTypeW
HeapFree
RtlPcToFileHeader
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
HeapAlloc
HeapReAlloc
ExitProcess
GetModuleHandleExW
AreFileApisANSI
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
ReadFile
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
InitializeCriticalSectionAndSpinCount
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError

user32

ReleaseDC
GetDesktopWindow
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
EndPaint
DestroyWindow
SetCursor
GetWindowTextLengthW
GetUpdateRgn
SetTimer
GetWindowRect
TrackPopupMenu
SetCapture
UnregisterClassW
PostMessageW
KillTimer
GetKeyState
GetFocus
GetParent
TrackMouseEvent
LoadCursorW
GetWindowInfo
GetWindowLongPtrW
GetClientRect
SetFocus
BeginPaint
wsprintfW
GetUpdateRect
GetDC
GetAsyncKeyState
InvalidateRect
AppendMenuW
GetWindowTextW
PeekMessageW
CreateWindowExW
SetWindowPos
GetCursorPos
CreatePopupMenu
SetMenuInfo
GetCursor
ReleaseCapture
RegisterClassW
GetSystemMetrics
SetWindowLongPtrW
SendMessageW
MapWindowPoints
EnableWindow
DestroyMenu
SetWindowTextW
SetMenuItemInfoW
CallWindowProcW
DefWindowProcW

gdi32

SwapBuffers
CreateSolidBrush
SetTextColor
DeleteDC
CreateDIBSection
CreateFontIndirectW
SetBkColor
GetRegionData
DeleteObject
CreateCompatibleDC
CreateRectRgn
ChoosePixelFormat
SetPixelFormat

ole32

RegisterDragDrop
DoDragDrop
GetHGlobalFromStream
CreateStreamOnHGlobal
CoCreateInstance
RevokeDragDrop
OleUninitialize
OleInitialize

advapi32

RegisterEventSourceW
ReportEventW
DeregisterEventSource

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 722KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f29618eb8cc6d46e0a85f8ede9af0658

Headers

DLL Characteristics

File Characteristics

Imports

shell32

gdiplus

opengl32

kernel32

user32

gdi32

ole32

advapi32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 496KB - Virtual size: 496KB

.data Size: 153KB - Virtual size: 174KB

.pdata Size: 71KB - Virtual size: 71KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 722KB - Virtual size: 721KB

.reloc Size: 54KB - Virtual size: 53KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 496KB - Virtual size: 496KB

.data
Size: 153KB - Virtual size: 174KB

.pdata
Size: 71KB - Virtual size: 71KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 722KB - Virtual size: 721KB

.reloc
Size: 54KB - Virtual size: 53KB