ExitDll
GetPluginFactory
InitDll
General
-
Target
snkz-amismp24.zip
-
Size
14.4MB
-
MD5
42e18d8583ed7e8b76fbedfda1aff271
-
SHA1
3bac49b2bf79408e8e2e8e670da4e7b7145e2f0d
-
SHA256
56cab685e3538223f25aeb36b85ac84fe43e6cc3f97f442e04ec5c02cf517ccc
-
SHA512
34d597dbd60de36d3f978b4c224685f39383121cd4b983196295cccc4bca5879559a5c2d112201dea66aa1aeee6197bf9fd1e50b60f59edd40854a21bdaa3c15
-
SSDEEP
393216:io1vhR/ecaK5LxmUWowekcjaE9nqVZ29eV56C2Ar1Y:31pR/ect5M3ePVdc6ES
Malware Config
Signatures
Files
-
snkz-amismp24.zip.zip
-
Amigo Sampler - WIN_MAC_LNX/Amigo Manual.pdf.pdf
-
http://www.potenzadsp.com/amigo/themes
-
https://16-bits.org/ptfreq.php
-
-
Amigo Sampler - WIN_MAC_LNX/Amigo_Linux.zip.zip
-
Amigo.vst3/Contents/Resources/moduleinfo.json
-
Amigo.vst3/Contents/x86_64-linux/Amigo.so.elf linux x64
-
Amigo Sampler - WIN_MAC_LNX/Amigo_MacOS.zip.app macos
-
Amigo Sampler - WIN_MAC_LNX/Amigo_Windows.zip.zip
-
Amigo.vst3/Contents/Resources/moduleinfo.json
-
Amigo.vst3/Contents/x86_64-win/Amigo.vst3.dll windows:6 windows x64 arch:x64
d00b7505d0c56f16027fef98c29d5bde
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
GetLogicalProcessorInformation
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
LocalFree
ReplaceFileW
ExitProcess
GetModuleHandleW
FreeLibrary
CopyFileW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetFileInformationByHandle
GetDriveTypeW
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
AttachConsole
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FormatMessageW
Sleep
CreateEventW
GetLogicalDriveStringsW
DisconnectNamedPipe
GetModuleHandleA
ResumeThread
GetSystemDirectoryW
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WaitForSingleObject
FindClose
CreateMutexW
GetTempPathW
SetEndOfFile
SetFilePointer
SetThreadPriority
IsDebuggerPresent
UnmapViewOfFile
WaitForMultipleObjects
GetModuleFileNameW
RemoveDirectoryW
TerminateProcess
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
SetPriorityClass
FindFirstFileW
CancelIo
GetVolumeInformationW
ReadFile
GetSystemFirmwareTable
SetThreadAffinityMask
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MoveFileW
user32
RegisterClassExW
DispatchMessageW
PeekMessageW
EnumWindows
SetFocus
SendNotifyMessageW
TranslateMessage
GetWindowTextW
GetWindowThreadProcessId
AttachThreadInput
UnregisterClassW
GetWindowLongW
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
GetWindowRect
IsWindowVisible
SetWindowPos
MessageBoxW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
CallNextHookEx
EndDialog
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
SetCaretPos
GetActiveWindow
ShowWindow
IsWindow
GetAsyncKeyState
OpenClipboard
GetCapture
RedrawWindow
DestroyIcon
VkKeyScanW
GetWindowInfo
GetMonitorInfoW
CreateIconIndirect
CloseClipboard
EmptyClipboard
IsChild
CreateCaret
MapWindowPoints
TrackMouseEvent
GetForegroundWindow
UnhookWindowsHookEx
GetMessageTime
SetLayeredWindowAttributes
BringWindowToTop
GetClipboardData
LoadIconW
LoadCursorW
DestroyCaret
SetCapture
SetWindowsHookExW
SetClipboardData
ToUnicode
SetCursor
SetWindowLongW
GetClientRect
UpdateLayeredWindow
DrawIconEx
ShowCaret
GetDesktopWindow
EnableMenuItem
SystemParametersInfoW
GetParent
ReleaseCapture
InvalidateRect
GetAncestor
SetCursorPos
GetCursorPos
BeginPaint
EndPaint
SendInput
GetDC
ReleaseDC
GetMessageW
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetWindowLongPtrW
GetKeyboardState
gdi32
RestoreDC
ExcludeClipRect
GetObjectW
GetRegionData
CreateRectRgn
GetKerningPairsW
StretchDIBits
CreateBitmap
SaveDC
SelectObject
CreateCompatibleDC
EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
CombineRgn
AddFontMemResourceEx
CreateDIBSection
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
CreateRectRgnIndirect
GetOutlineTextMetricsW
shell32
Shell_NotifyIconW
ShellExecuteW
SHGetSpecialFolderPathW
DragQueryFileW
SHCreateShellItem
SHGetMalloc
ExtractAssociatedIconW
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
ole32
CoUninitialize
CoTaskMemAlloc
CoInitializeEx
DoDragDrop
CoCreateInstance
RevokeDragDrop
CoTaskMemFree
CoInitialize
CoCreateGuid
RegisterDragDrop
OleInitialize
OleUninitialize
oleaut32
SysAllocString
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
OpenProcessToken
DuplicateToken
MapGenericMask
GetNamedSecurityInfoW
AccessCheck
msvcp140
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
_Xtime_get_ticks
_Query_perf_counter
_Thrd_id
_Cnd_wait
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
_Cnd_timedwait
?_Xbad_function_call@std@@YAXXZ
?classic@locale@std@@SAAEBV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exceptions@std@@YAHXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Query_perf_frequency
_Cnd_init_in_situ
_Mtx_current_owns
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
_Cnd_signal
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?good@ios_base@std@@QEBA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
_Cnd_unregister_at_thread_exit
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Cnd_register_at_thread_exit
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
wininet
InternetWriteFile
FtpOpenFileW
InternetOpenW
InternetSetOptionW
InternetReadFile
InternetCloseHandle
HttpOpenRequestW
InternetConnectW
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoW
InternetSetFilePointer
InternetCrackUrlW
ws2_32
sendto
htons
freeaddrinfo
htonl
__WSAFDIsSet
accept
bind
closesocket
getsockopt
setsockopt
select
getaddrinfo
WSAStartup
inet_addr
send
inet_ntoa
recv
ioctlsocket
shlwapi
PathStripToRootW
winmm
timeGetTime
timeBeginPeriod
timeKillEvent
imm32
ImmAssociateContextEx
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmIsUIMessageW
ImmReleaseContext
ImmGetContext
ImmNotifyIME
dxgi
CreateDXGIFactory
vcruntime140
memset
_purecall
__std_terminate
memchr
__intrinsic_setjmp
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list
__current_exception_context
__current_exception
__C_specific_handler
strchr
__RTtypeid
longjmp
__std_type_info_compare
_CxxThrowException
memmove
memcpy
memcmp
__RTDynamicCast
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
_endthreadex
_initterm_e
_initterm
_cexit
_invalid_parameter_noinfo_noreturn
_errno
abort
_fpreset
exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_beginthreadex
terminate
_seh_filter_dll
api-ms-win-crt-string-l1-1-0
iswupper
towlower
iswspace
towupper
iswlower
strncmp
iswalnum
iswalpha
iswdigit
strnlen
strcmp
api-ms-win-crt-math-l1-1-0
log
fmod
floor
expf
exp
cosf
cos
ceil
atanf
atan2f
atan2
acos
_hypotf
sqrt
_dclass
_fdclass
ceilf
floorf
log10
sqrtf
truncf
log2
logf
pow
powf
ldexp
tan
tanf
lround
_fdsign
sin
_hypot
sinf
frexp
api-ms-win-crt-heap-l1-1-0
_callnewh
calloc
free
malloc
realloc
api-ms-win-crt-convert-l1-1-0
_atoi64
atoi
_strtod_l
strtod
api-ms-win-crt-stdio-l1-1-0
fseek
fread
fclose
__stdio_common_vswscanf
__stdio_common_vswprintf
__acrt_iob_func
__stdio_common_vfprintf
fflush
__stdio_common_vsprintf
__stdio_common_vsscanf
freopen_s
_fileno
fwrite
api-ms-win-crt-time-l1-1-0
_localtime64_s
_ftime64_s
wcsftime
api-ms-win-crt-locale-l1-1-0
_create_locale
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-utility-l1-1-0
qsort
Exports
Exports
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 195KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Themes/Candy Crush.amigo.xml
-
Themes/Default.amigo.xml
-
Themes/Gameboy Classic.amigo.xml
-
Themes/Junglist.amigo.xml
-
Themes/Rave Blue.amigo.xml
-
Themes/Vampire.amigo.xml
-
sneakz.nfo