VSTPluginMain
Static task
static1
Behavioral task
behavioral1
Sample
Transit.dll
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
Transit.dll
Resource
win10v2004-20240802-en
General
Target
Transit.dll
Size
22.2MB
MD5
95e8019fec1930e5fbdeca746f1b8fef
SHA1
45f2316c0b3da7f3500bef47da792bed7deaac6a
SHA256
73a8c26104ff1db336131516bf73c7ec13db6bc81ef8ed9fcad1ddd7e1e736c2
SHA512
d64c9bfbc63d0285ac45eaf3307e1cd9caed194d058cbc62704082adc0a27c788c6cbb6abe6ce41fbd2d8b8d9a936fcca446ce12558d2c5fae09541f57a70376
SSDEEP
393216:oFyNBd+PJAYD/zB8Zk10LR3rZDqstoIvbqNQx5bYGo9isCzup:cPbD/QkOV3FzuIE65bBv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Transit.dll
Files
Transit.dll.dll windows:6 windows x64 arch:x64
128a256e5c258a93f52d68ce3f3cffce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
GetSystemDirectoryW
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
WriteConsoleW
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
GetFullPathNameW
SetStdHandle
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapFree
HeapReAlloc
HeapAlloc
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
RtlPcToFileHeader
InterlockedFlushSList
GetDriveTypeW
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
GetExitCodeThread
SwitchToThread
TryAcquireSRWLockExclusive
InitializeSRWLock
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
MoveFileW
QueryPerformanceCounter
FreeLibrary
GetModuleHandleW
ExitProcess
DeleteCriticalSection
ReplaceFileW
LocalFree
GetProcAddress
GetCurrentDirectoryW
LoadLibraryW
CloseHandle
DeleteFileW
QueryPerformanceFrequency
TerminateThread
SetEvent
OutputDebugStringW
GetFileAttributesExW
GetLastError
FormatMessageW
GetFileInformationByHandle
Sleep
CreateEventW
GetLogicalDriveStringsW
VerifyVersionInfoW
VerSetConditionMask
SleepEx
GetFileType
GetStdHandle
GetEnvironmentVariableA
WaitForSingleObjectEx
MoveFileExW
SetLastError
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionEx
GetTickCount
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCurrentThreadId
IsDebuggerPresent
SetFileAttributesW
GetModuleHandleA
ResumeThread
RtlUnwindEx
PeekNamedPipe
SetEndOfFile
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
WaitForMultipleObjects
GetModuleFileNameW
RemoveDirectoryW
TerminateProcess
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
SetPriorityClass
FindFirstFileW
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
SetThreadAffinityMask
CreateDirectoryW
GetThreadPriority
GetCurrentThread
RaiseException
user32
GetFocus
DestroyWindow
SetWindowLongPtrW
PostMessageW
DefWindowProcW
GetMessageW
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
InvalidateRect
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
TranslateMessage
SetFocus
EnumWindows
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetWindowsHookExW
PeekMessageW
ReleaseDC
DestroyCaret
LoadCursorW
LoadIconW
GetClipboardData
BringWindowToTop
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
GetAsyncKeyState
IsWindow
ShowWindow
GetActiveWindow
SetCaretPos
GetKeyboardState
DestroyCursor
GetWindowPlacement
WindowFromPoint
GetWindowThreadProcessId
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
GetDC
AttachThreadInput
GetWindowRect
SetWindowPos
PostMessageA
CallNextHookEx
GetSystemMetrics
GetClassNameA
SetWindowsHookExA
UnhookWindowsHookEx
GetAncestor
CreateWindowExW
SetCapture
MessageBeep
SetWindowTextW
GetWindowLongW
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
IsWindowVisible
MessageBoxW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
EndDialog
UnregisterClassW
gdi32
CreateFontIndirectW
SetMapMode
RemoveFontMemResourceEx
DeleteObject
GetGlyphOutlineW
GetGlyphIndicesW
SetMapperFlags
ChoosePixelFormat
SwapBuffers
SetPixelFormat
SaveDC
CreateDIBSection
StretchDIBits
CreateRectRgnIndirect
CreateRectRgn
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
CreateBitmap
CombineRgn
AddFontMemResourceEx
SelectObject
GetKerningPairsW
CreateCompatibleDC
GetDeviceCaps
GetTextMetricsW
DeleteDC
GetOutlineTextMetricsW
shell32
SHGetSpecialFolderPathW
DragQueryFileW
SHCreateShellItem
SHGetMalloc
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
ExtractAssociatedIconW
ShellExecuteW
ole32
CoInitializeEx
RegisterDragDrop
DoDragDrop
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
OleInitialize
OleUninitialize
RevokeDragDrop
CoCreateInstance
oleaut32
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayPutElement
SysAllocString
SafeArrayDestroy
SafeArrayCreateVector
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
AccessCheck
GetNamedSecurityInfoW
OpenProcessToken
DuplicateToken
MapGenericMask
CryptImportKey
CryptAcquireContextW
ws2_32
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
WSASetLastError
inet_ntop
WSACleanup
WSAEnumNetworkEvents
inet_pton
gethostname
htons
freeaddrinfo
sendto
ioctlsocket
setsockopt
WSAGetLastError
WSACreateEvent
WSACloseEvent
__WSAFDIsSet
accept
bind
closesocket
select
listen
getaddrinfo
WSAStartup
getpeername
getsockname
send
socket
ntohs
connect
recvfrom
recv
WSAIoctl
getsockopt
htonl
crypt32
CertFindExtension
CertGetNameStringW
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertAddCertificateContextToStore
CertOpenStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryW
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertFreeCertificateChain
wininet
FtpOpenFileW
InternetWriteFile
InternetOpenW
InternetReadFile
InternetSetOptionW
InternetConnectW
InternetCloseHandle
HttpSendRequestExW
HttpEndRequestW
InternetCrackUrlW
InternetSetFilePointer
HttpQueryInfoW
HttpOpenRequestW
shlwapi
PathStripToRootW
winmm
timeBeginPeriod
timeGetTime
imm32
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext
ImmNotifyIME
dxgi
CreateDXGIFactory
opengl32
glLightf
glGetError
glGetPixelMapfv
glVertex3iv
glDrawBuffer
glRasterPos3iv
glEvalCoord1fv
glColor4iv
glOrtho
glPixelMapusv
glTexCoord3i
glLightModeli
glGetString
glTexCoord4s
glTexSubImage2D
glPushAttrib
glEvalCoord1dv
glTexCoord4d
glTexCoord2i
glDepthFunc
glPixelStorei
glColor4usv
glGetLightiv
glShadeModel
glTexCoord1fv
glPrioritizeTextures
glCopyTexImage2D
glNormalPointer
glTexCoord1d
glGetFloatv
glRasterPos4dv
glIndexsv
glLightiv
glGetIntegerv
glPolygonStipple
glClearStencil
glLogicOp
glLighti
glColor4ubv
glDeleteLists
wglMakeCurrent
glTexEnviv
glMaterialfv
glFogiv
glTexCoord1iv
glAreTexturesResident
glPushMatrix
glIsTexture
glPopName
glLightfv
glDisable
glEvalMesh2
glMultMatrixf
glGetTexGendv
glRasterPos4i
glColor4f
glClearDepth
glIndexs
glScalef
glRectf
glDrawElements
glGetTexParameteriv
glGetTexImage
glVertex2d
glTexCoord1s
glCopyTexImage1D
glGetClipPlane
glScaled
glColor3d
glListBase
glTexEnvi
glColorMaterial
glColor3ubv
glColorPointer
glColor4ub
glTexCoord1i
glColor3bv
glVertex3d
glFlush
glRasterPos3dv
glTexGeni
glTexCoord3d
glPointSize
glColor3fv
glNormal3fv
glGetTexParameterfv
glMaterialf
glClearAccum
glRects
glPopMatrix
glEvalCoord2fv
glColor4i
glLightModeliv
glViewport
glTexImage1D
glDepthRange
glEdgeFlagv
glEnableClientState
glVertex4dv
glRecti
glColor3dv
glStencilOp
glNormal3sv
glVertex4sv
glIndexiv
glTexCoord3fv
glRasterPos3s
glInterleavedArrays
glClear
glEvalPoint2
glColor3uiv
glColor3ui
glIndexd
glVertex3i
glColor3s
glVertex2dv
glCopyPixels
glTexCoord3s
glPolygonOffset
glNormal3s
wglShareLists
glTexSubImage1D
glLoadMatrixd
glIsList
glTexCoord2iv
glTexEnvf
glStencilMask
glTexCoord4fv
glRasterPos3fv
glGetTexLevelParameterfv
glMap1f
glNewList
glPopAttrib
glNormal3bv
glPolygonMode
glRotated
glTexGenf
wglGetCurrentContext
glColor3usv
glNormal3b
glPixelTransferi
glRasterPos3f
glRectfv
glBindTexture
glGetPointerv
glGenTextures
glNormal3dv
glColor4d
glRasterPos4iv
glVertexPointer
glGetMapiv
glEnable
glVertex3f
glIndexubv
glTexCoord3iv
glCullFace
glDepthMask
glPopClientAttrib
glRasterPos2d
glMapGrid1f
glGetLightfv
glLoadMatrixf
glTexGend
glTexCoord2d
glVertex3sv
glMapGrid2d
glEnd
glVertex4f
glPassThrough
glColor4s
glEdgeFlagPointer
glMaterialiv
glColor4ui
glVertex4d
glScissor
glFogf
glTexParameterfv
glTexCoord2dv
glSelectBuffer
glRasterPos3sv
glAccum
glGetMapfv
glTexCoord4dv
glTexCoord3sv
glCallList
glFogfv
glVertex2sv
glFrustum
glVertex3s
glCopyTexSubImage2D
glColor4bv
glRasterPos2dv
glTexCoord2f
glColor4uiv
glGetTexLevelParameteriv
glVertex4iv
glEvalPoint1
glDisableClientState
glGetTexGeniv
glColor4dv
glMateriali
glCopyTexSubImage1D
glRasterPos2iv
glGenLists
glMatrixMode
glTexCoord1f
glMapGrid1d
glTexCoord2fv
glEvalCoord2f
glTexGenfv
glTranslated
glVertex4fv
glRasterPos3i
glVertex3dv
glRasterPos4sv
glDrawPixels
glCallLists
glFrontFace
glIndexub
glTexGendv
glVertex2fv
glEvalCoord2dv
glTexCoord4iv
glLineWidth
glColor4sv
glColor3f
glNormal3f
glIndexfv
glRasterPos4s
glStencilFunc
glColor3i
glLineStipple
glTexCoord2sv
glBlendFunc
glReadPixels
wglCreateContext
glColorMask
glTexCoord4sv
glMap1d
glTexCoord3dv
glInitNames
glMapGrid2f
glRasterPos4f
glGetMaterialiv
glIndexdv
glLoadIdentity
glColor3iv
glEdgeFlag
glRasterPos4fv
glRasterPos2s
glMultMatrixd
glEndList
glIndexPointer
wglGetProcAddress
glVertex3fv
glLoadName
glTexGeniv
glLightModelf
glRectiv
glPixelMapfv
glTexParameteri
glNormal3iv
glTexEnvfv
glVertex4s
glRenderMode
glFinish
glEvalCoord1d
glMap2f
glVertex2iv
glColor4fv
glDeleteTextures
glGetPolygonStipple
glGetTexEnvfv
glTexCoord2s
glTexCoord4f
glRectd
glVertex4i
glTexCoord3f
glPushClientAttrib
glHint
glReadBuffer
glTexCoord1sv
glAlphaFunc
glBegin
glRectsv
glTexCoordPointer
glColor3sv
glClipPlane
glIndexf
glIndexi
glPixelStoref
glPixelZoom
glNormal3d
glVertex2s
glGetTexEnviv
glClearColor
glLightModelfv
glVertex2i
glGetMapdv
glRasterPos2fv
glColor3ub
glGetBooleanv
glTexCoord1dv
glMap2d
glDrawArrays
glColor3b
wglDeleteContext
glNormal3i
glGetPixelMapuiv
glColor4us
glGetTexGenfv
glEvalCoord1f
glGetDoublev
glEvalCoord2d
glTexParameterf
glPushName
glTranslatef
glRectdv
glGetMaterialfv
glTexImage2D
glVertex2f
glPixelMapuiv
glEvalMesh1
glFeedbackBuffer
glTexParameteriv
glTexCoord4i
glIndexMask
glGetPixelMapusv
glColor3us
glRasterPos2f
glColor4b
glPixelTransferf
glArrayElement
glRasterPos2sv
glRotatef
glRasterPos4d
glIsEnabled
glRasterPos2i
glClearIndex
glRasterPos3d
glFogi
glBitmap
bcrypt
BCryptGenRandom
Exports
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19.1MB - Virtual size: 19.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 115KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 736B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ