MIDIVisualizer[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

MIDIVisualizer.exe
Size

20.3MB
MD5

6740c748e4a68e80cb2f13c17cf29f1f
SHA1

afad249ab9b381deb4f66fa2f00e79ff1492ec04
SHA256

886c27ddfe31c280830a44dc96cbf645fdb5d7f3a14495dd11cd9807073543e7
SHA512

cc2f304754585a93b9dde4874a8823b10f8481c9c57abb3e618dc42f92d8f40e413a82e6f335c3633d2c9e3da743085876942ea4c7b5766c45aca0f7b739b4b9
SSDEEP

393216:WXC1R+l77+pPiTitaHp7ZRfvrdrFBllyl92GopsLrhKiVP5:WgRQfvrdrnS6GX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MIDIVisualizer.exe

Files

MIDIVisualizer.exe
.exe windows:6 windows x64 arch:x64

835989b138a821c664a0247249f07945

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

wglGetProcAddress

wsock32

shutdown
ntohs
htons
select
recvfrom
getsockname
getpeername
gethostname
WSAGetLastError
sendto
recv
inet_ntoa
send
__WSAFDIsSet
accept
bind
closesocket
connect
getsockopt
listen
ntohl
setsockopt
socket
WSAStartup
WSACleanup

ws2_32

getaddrinfo
getnameinfo
freeaddrinfo

secur32

InitializeSecurityContextA
DeleteSecurityContext
ApplyControlToken
QueryContextAttributesA
FreeContextBuffer
EncryptMessage
DecryptMessage
AcquireCredentialsHandleA
FreeCredentialsHandle

bcrypt

BCryptGenRandom
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider

user32

CreateWindowExW
SetFocus
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
GetDC
OpenClipboard
SetCursor
TrackMouseEvent
GetDesktopWindow
GetRawInputDeviceList
GetRawInputDeviceInfoA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageTime
DefWindowProcW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
LoadImageW
DestroyIcon
LoadCursorW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
UnregisterClassW
GetCursorPos
SetCursorPos
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
SetPropW
ReleaseDC
SetForegroundWindow
ReleaseCapture
SetCapture
MapVirtualKeyW
GetKeyState
GetActiveWindow
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
ShowWindow
DestroyWindow
RegisterClassExW

comctl32

ord344

shell32

SHOpenFolderAndSelectItems
SHGetKnownFolderPath
SHGetDesktopFolder
DragQueryFileW
DragQueryPoint
DragFinish
DragAcceptFiles
ShellExecuteW
SHCreateItemFromParsingName

winmm

midiInGetNumDevs
midiInGetDevCapsW
midiInOpen
midiInReset
midiInPrepareHeader
midiInUnprepareHeader
midiInAddBuffer
midiInStart
midiInClose
midiInStop

kernel32

FormatMessageW
GetModuleHandleExW
GetLastError
VerSetConditionMask
SetThreadExecutionState
GetModuleHandleW
GetCurrentProcess
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
TlsAlloc
LeaveCriticalSection
TlsSetValue
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
Sleep
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitOnceBeginInitialize
InitOnceComplete
CloseHandle
InitializeSRWLock
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
MoveFileExA
MoveFileExW
WakeAllConditionVariable
ReleaseMutex
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetSystemTimeAsFileTime
GetProcessAffinityMask
CreateMutexA
GetSystemDirectoryW
GetModuleFileNameW
LoadLibraryExA
LoadLibraryExW
QueryPerformanceFrequency
InitializeCriticalSection
TlsFree
EnterCriticalSection
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
TlsGetValue
InitializeSListHead
DeleteCriticalSection

gdi32

DeleteDC
ChoosePixelFormat
SwapBuffers
SetDeviceGammaRamp
DescribePixelFormat
SetPixelFormat
CreateDCW
CreateRectRgn
GetDeviceCaps
DeleteObject

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_hardware_concurrency
_Thrd_join
_Query_perf_frequency
_Query_perf_counter
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?swap@?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
?swap@?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xbad_alloc@std@@YAXXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xbad_function_call@std@@YAXXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?_Throw_Cpp_error@std@@YAXH@Z

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

vcruntime140

__RTDynamicCast
wcsrchr
_purecall
strrchr
__C_specific_handler
__current_exception
__current_exception_context
__std_exception_destroy
memchr
memcpy
__std_terminate
memmove
memset
strchr
memcmp
__std_exception_copy
_CxxThrowException
strstr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_aligned_realloc
calloc
free
realloc
malloc
_aligned_free
_set_new_mode
_callnewh

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-stdio-l1-1-0

_read
fputs
__p__commode
_write
__stdio_common_vfprintf
ungetc
setvbuf
_fseeki64
fsetpos
_setmode
_tempnam
_isatty
_lseeki64
_wfopen
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vsprintf
fwrite
fputc
_wsopen
ftell
fgetpos
fread
feof
fopen_s
__acrt_iob_func
fflush
_set_fmode
fclose
fopen
_sopen
_close
fgetc
_get_stream_buffer_pointers
fseek

api-ms-win-crt-string-l1-1-0

isdigit
strspn
strncmp
strcspn
strcmp
strncpy

api-ms-win-crt-math-l1-1-0

log10f
roundf
atan2f
__setusermatherr
ldexp
trunc
floor
sinh
fabs
asin
ceilf
acos
acosf
powf
atan2
pow
tanh
round
logf
sinf
tanf
log
llrintf
_dclass
atanf
cosh
floorf
rint
cosf
llrint
_fdclass
tan
lrintf
sqrtf
fmodf
frexp
cbrt
atan
log2f
exp2f
expf
truncf
cbrtf
log2
log10
sqrt
sin
ceil
lrint
exp
cos
exp2
fmod
hypot

api-ms-win-crt-convert-l1-1-0

strtod
strtoul
atoi
strtof
atof
strtoull
strtoumax
strtoll
strtol

api-ms-win-crt-runtime-l1-1-0

_c_exit
_invalid_parameter_noinfo_noreturn
__p___argv
__p___argc
_exit
exit
_initterm_e
_initterm
_wassert
strerror
_get_initial_narrow_environment
_set_app_type
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_seh_filter_exe
terminate
abort
_initialize_narrow_environment
_beginthreadex
_configure_narrow_argv
_errno
_register_thread_local_exe_atexit_callback

api-ms-win-crt-filesystem-l1-1-0

_unlink
_mkdir
_wmkdir
_wunlink
_wrmdir
_rmdir
_wstat64
_unlock_file
_lock_file
_stat64
_fstat64

api-ms-win-crt-time-l1-1-0

_time64
_mktime64
_gmtime64
_localtime64
strftime
clock

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
setlocale

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 11.3MB - Virtual size: 11.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

835989b138a821c664a0247249f07945

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

wsock32

ws2_32

secur32

bcrypt

user32

comctl32

shell32

winmm

kernel32

gdi32

ole32

msvcp140

imm32

vcruntime140

vcruntime140_1

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 11.3MB - Virtual size: 11.3MB

.rdata Size: 3.8MB - Virtual size: 3.8MB

.data Size: 4.7MB - Virtual size: 12.7MB

.pdata Size: 309KB - Virtual size: 309KB

_RDATA Size: 512B - Virtual size: 48B

.rsrc Size: 106KB - Virtual size: 106KB

.reloc Size: 50KB - Virtual size: 50KB

.text
Size: 11.3MB - Virtual size: 11.3MB

.rdata
Size: 3.8MB - Virtual size: 3.8MB

.data
Size: 4.7MB - Virtual size: 12.7MB

.pdata
Size: 309KB - Virtual size: 309KB

_RDATA
Size: 512B - Virtual size: 48B

.rsrc
Size: 106KB - Virtual size: 106KB

.reloc
Size: 50KB - Virtual size: 50KB