aa9b1844898d091ef2630ea8a3f2f951d3816f87a34ba0a1c08fb98638e18fa5

Sharing

Copy URL

Twitter E-mail

General

Target

aa9b1844898d091ef2630ea8a3f2f951d3816f87a34ba0a1c08fb98638e18fa5
Size

4.7MB
MD5

9c22a69023ab575e0ebb4d2e36b78164
SHA1

379691f0a6a05c353deeca202775a7a47889368c
SHA256

aa9b1844898d091ef2630ea8a3f2f951d3816f87a34ba0a1c08fb98638e18fa5
SHA512

b7194383a06d5abe7e291fc8dd46fdf25b2f5c02a4b48c53f86b3d4e17bf3daee9b263f410b7244247077b6cc17d6cddf449a65c3fbc16f58a9b365acf9a2b8b
SSDEEP

49152:z//yXRXR3KzhZZv35z+5gVjGoLihDistx51kiLYaTq2:OMfx2x5OiLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa9b1844898d091ef2630ea8a3f2f951d3816f87a34ba0a1c08fb98638e18fa5

Files

aa9b1844898d091ef2630ea8a3f2f951d3816f87a34ba0a1c08fb98638e18fa5
.dll windows:6 windows x64 arch:x64

8ef39c0679f1aa6aa97a77f19667c51b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
TerminateProcess
ReadFile
GetModuleFileNameW
CreateFileW
GetOverlappedResult
DisconnectNamedPipe
FlushFileBuffers
GetTempPathW
VerifyVersionInfoW
GetLastError
GetCurrentDirectoryW
MoveFileW
EnterCriticalSection
FindClose
RemoveDirectoryW
WaitForMultipleObjects
GetModuleHandleA
CancelIo
IsDebuggerPresent
FindNextFileW
GetFileAttributesExW
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
SetThreadAffinityMask
ReleaseMutex
DeleteFileW
GetVolumeInformationW
GetCommandLineW
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GetCurrentProcessId
FindFirstFileExW
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
LeaveCriticalSection
GetSystemDirectoryW
GetModuleFileNameA
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
SetFilePointerEx
GetFileType
ReadConsoleW
GetConsoleMode
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
RaiseException
RtlPcToFileHeader
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
HeapSize
GetCommandLineA
GetTimeZoneInformation
LoadLibraryExW
ExitThread
CreateThread
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
HeapReAlloc
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
IsProcessorFeaturePresent
DecodePointer
EncodePointer
FormatMessageW
GetLocaleInfoW
TerminateThread
FreeEnvironmentStringsW
LoadLibraryW
InitializeCriticalSection
WriteFile
OutputDebugStringW
ConnectNamedPipe
CreateDirectoryW
QueryPerformanceCounter
GetLogicalDriveStringsW
VerSetConditionMask
GetWindowsDirectoryA
SetUnhandledExceptionFilter
FreeLibrary
GetDriveTypeW
UnmapViewOfFile
TryEnterCriticalSection
SetFilePointer
GetNativeSystemInfo
FindFirstFileW
CreateMutexW
ExitProcess
CloseHandle
GetThreadPriority
CreateEventW
LoadLibraryA
ResetEvent
GetProcAddress
SetThreadPriority
Sleep
GetPriorityClass
GetCurrentThread
SetEvent
WaitForSingleObject
GetCurrentProcess
SetPriorityClass
GetEnvironmentStringsW

user32

DefWindowProcW
GetDesktopWindow
GetWindowTextW
TranslateMessage
EnumWindows
SetFocus
GetFocus
PostMessageW
GetMessageW
ReleaseDC
GetDC
GetMessagePos
GetMessageTime
GetMonitorInfoW
DestroyIcon
ToUnicode
SetWindowTextW
SetClipboardData
SendMessageW
SetCaretPos
IsWindowVisible
GetSystemMetrics
RegisterClassExW
SetWindowLongPtrW
OpenClipboard
CreateCaret
GetActiveWindow
GetWindowLongPtrW
SetLayeredWindowAttributes
EnumChildWindows
GetCursorPos
SetWindowPos
DestroyCaret
DestroyCursor
RedrawWindow
SetWindowLongW
EmptyClipboard
EnableMenuItem
SystemParametersInfoW
GetClipboardData
GetAncestor
GetWindowLongW
SetCursorPos
InvalidateRect
GetAsyncKeyState
GetWindowPlacement
GetForegroundWindow
MessageBoxW
CreateWindowExW
GetKeyboardState
GetCapture
GetIconInfo
CreateIconIndirect
BeginPaint
ShowCaret
GetClientRect
WindowFromPoint
MessageBeep
GetWindowInfo
UnregisterClassW
PeekMessageW
SendMessageTimeoutW
DispatchMessageW
AttachThreadInput
GetWindowThreadProcessId
ShowWindow
DestroyWindow
GetWindowRect
ScreenToClient
GetSystemMenu
MapVirtualKeyW
GetUpdateRgn
CloseClipboard
EnumDisplayMonitors
SetCursor
IsChild
SetCapture
SetForegroundWindow
GetParent
TrackMouseEvent
LoadCursorW
EndPaint
MoveWindow
CallWindowProcW
UnhookWindowsHookEx
PostMessageA
SetWindowsHookExA
CallNextHookEx
GetClassNameA
ReleaseCapture

gdi32

GetDeviceCaps
RemoveFontMemResourceEx
DeleteObject
SelectObject
CreateCompatibleDC
SetMapMode
GetOutlineTextMetricsW
SetMapperFlags
GetKerningPairsW
CreateFontIndirectW
EnumFontFamiliesExW
GetGlyphOutlineW
GetGlyphIndicesW
CreateBitmap
ExcludeClipRect
CreateDIBSection
SwapBuffers
DeleteDC
RestoreDC
GetTextMetricsW
GetPixel
CreateRectRgn
GetObjectW
StretchDIBits
SaveDC
CombineRgn
CreateRectRgnIndirect
GetRegionData

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW
ExtractAssociatedIconW
ShellExecuteW
Shell_NotifyIconW

ole32

OleCreate
OleSetContainedObject
RegisterDragDrop
CoTaskMemAlloc
RevokeDragDrop
OleUninitialize
OleInitialize
CoInitialize
CoTaskMemFree
PropVariantClear
CoCreateInstance
DoDragDrop

oleaut32

VariantClear
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
VariantInit
SafeArrayUnaccessData
SysAllocString

wininet

InternetCloseHandle
HttpEndRequestW
InternetSetFilePointer
HttpOpenRequestW
HttpSendRequestExW
InternetSetOptionW
InternetWriteFile
InternetConnectW
InternetReadFile
FtpOpenFileW
InternetQueryOptionW
InternetOpenW
HttpQueryInfoW
InternetCrackUrlW

ws2_32

setsockopt
recv
__WSAFDIsSet
closesocket
send
getsockopt
accept
select
WSAStartup
inet_ntoa

shlwapi

PathStripToRootW

winmm

midiOutClose
midiOutPrepareHeader
midiOutUnprepareHeader
midiInUnprepareHeader
midiOutLongMsg
midiInReset
midiInClose
midiInStop
timeKillEvent
timeGetTime
timeBeginPeriod
midiOutShortMsg

imm32

ImmGetContext
ImmGetCompositionStringW
ImmSetCandidateWindow
ImmNotifyIME
ImmReleaseContext

opengl32

glDeleteTextures
glBindTexture
glTexImage2D
glGetError
glDisable
glGetString
glDrawArrays
wglMakeCurrent
glTexParameteri
glGetIntegerv
glBlendFunc
glViewport
glEnable
wglGetProcAddress
glGenTextures
glPixelStorei
glClear
glClearColor
wglGetCurrentContext
glDrawElements
glTexSubImage2D
glReadPixels

Exports

Exports

VSTPluginMain

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ef39c0679f1aa6aa97a77f19667c51b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

wininet

ws2_32

shlwapi

winmm

imm32

opengl32

Exports

Exports

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.data Size: 77KB - Virtual size: 89KB

.pdata Size: 122KB - Virtual size: 121KB

.tls Size: 512B - Virtual size: 33B

_RDATA Size: 7KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 77KB - Virtual size: 89KB

.pdata
Size: 122KB - Virtual size: 121KB

.tls
Size: 512B - Virtual size: 33B

_RDATA
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 34KB - Virtual size: 34KB