Static task
static1
General
Target
VisionRage Beta 1.2.exe
Size
598KB
MD5
fc5247261f89e9715f5ec85516e35730
SHA1
36a03feaf6ca5b84e71f639601fea1936774b6f1
SHA256
2aa00e0951c952e86c8c7ae0ed2565701609339b379b5e812edab6cddb4630cd
SHA512
2f99ec76865403171314bda5ba988dd1d9cf1b823ac5ec733255f41fe8c16e19b8793e395c506460e3c7f07d9b4d2773037db90f1a9c5ebaff69f0956a5890c2
SSDEEP
12288:p0tdBMopMl1pi9E9nwQGXZbSjy7nnoQXSo:6Ljp8yE9z0NSjy7nnX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VisionRage Beta 1.2.exe
Files
VisionRage Beta 1.2.exe.exe windows:6 windows x64 arch:x64
fe680d85fbf99371087c81de4f7a9f40
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
dwmapi
DwmExtendFrameIntoClientArea
kernel32
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
VirtualAlloc
CreateToolhelp32Snapshot
MultiByteToWideChar
Sleep
GetLastError
Process32NextW
CreateFileA
Process32FirstW
CloseHandle
CreateThread
GetCurrentProcessId
WideCharToMultiByte
FlushFileBuffers
HeapReAlloc
HeapSize
CreateFileW
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GlobalFree
FindFirstFileExW
FindClose
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
OutputDebugStringW
GetFileSizeEx
GetConsoleOutputCP
LCMapStringW
CompareStringW
HeapFree
HeapAlloc
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetCommandLineW
GetCommandLineA
WriteFile
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GlobalAlloc
SetEndOfFile
FindNextFileW
GetCurrentThreadId
GetStdHandle
ReadFile
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
RtlUnwindEx
RtlPcToFileHeader
RaiseException
user32
SetLayeredWindowAttributes
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
GetClientRect
SetCursor
GetWindowLongW
GetWindowThreadProcessId
GetWindow
GetWindowRect
DestroyWindow
SetWindowPos
GetSystemMetrics
ShowWindow
GetAsyncKeyState
DispatchMessageW
PeekMessageW
GetForegroundWindow
MoveWindow
EnumWindows
DefWindowProcA
CreateWindowExA
LoadCursorW
TranslateMessage
LoadIconW
SetWindowLongW
GetDesktopWindow
RegisterClassExA
UpdateWindow
SendInput
GetKeyState
ScreenToClient
GetActiveWindow
ClientToScreen
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
d3d9
Direct3DCreate9Ex
ntdll
ZwQueryValueKey
ZwClose
ZwSetValueKey
ZwOpenKey
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
ZwCreateKey
Sections
.text Size: 438KB - Virtual size: 437KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ