ResonateII[.]zip

Resubmissions

29/08/2024, 05:33

240829-f86zsswcmg 8

29/08/2024, 05:30

240829-f7lmgaxgqq 8

Sharing

Copy URL Twitter E-mail

General

Target

ResonateII.zip
Size

19.1MB
MD5

0ac3fe35d2d7dc3b2b8d4f4e6d7ca44e
SHA1

9806d71cb04eba5abe08e3fe60fddc2253271a22
SHA256

de0ef21e2f98ddae6d00c1761af2ec83ab349f35114b10dd5312c0d44e17751a
SHA512

ac4a872792310405af76aeaf9a0724ed097b80f7ad93ac5156fdeb8c080ced23a91d363814001d23ed09dd4a2f287598376adaae0d8ce762e94f9a62880937e5
SSDEEP

393216:FbKtu1sGRQellJ83aS1DtT3j3KsBoT7kSBTGqP0tpymefk2j2aVDFl:os1nR/lJ83ttT3jKs63JGqcTyDcx2l

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ResonateII.exe.vir
unpack001/httpfiles/dlls/AxInterop.WMPLib.dll
unpack001/httpfiles/dlls/BASSMOD.dll
unpack001/httpfiles/dlls/Interop.WMPLib.dll
unpack001/httpfiles/dlls/inpout32.dll

Files

ResonateII.zip
.zip
ResonateII.exe.vir
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\justquant\Google Drive\Sync\Visual Studio 2015\Projects\ResonateII\ResonateII\obj\Debug\ResonateII.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
httpfiles/bbt.wav
httpfiles/bob.wav
httpfiles/dlls/AxInterop.WMPLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
httpfiles/dlls/BASSMOD.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASSMOD_ErrorGetCode
BASSMOD_Free
BASSMOD_GetCPU
BASSMOD_GetDeviceDescription
BASSMOD_GetVersion
BASSMOD_GetVolume
BASSMOD_Init
BASSMOD_MusicDecode
BASSMOD_MusicFree
BASSMOD_MusicGetLength
BASSMOD_MusicGetName
BASSMOD_MusicGetPosition
BASSMOD_MusicGetVolume
BASSMOD_MusicIsActive
BASSMOD_MusicLoad
BASSMOD_MusicPause
BASSMOD_MusicPlay
BASSMOD_MusicPlayEx
BASSMOD_MusicRemoveSync
BASSMOD_MusicSetAmplify
BASSMOD_MusicSetPanSep
BASSMOD_MusicSetPosition
BASSMOD_MusicSetPositionScaler
BASSMOD_MusicSetSync
BASSMOD_MusicSetVolume
BASSMOD_MusicStop
BASSMOD_SetVolume

Sections

Size: 31KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
httpfiles/dlls/Interop.WMPLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
httpfiles/dlls/inpout32.dll
.dll windows:4 windows x86 arch:x86

c7b2fa58ffd099e5f335c337d3bb6689

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
LockResource
LoadResource
FindResourceA
SizeofResource
GetCurrentProcess
GetVersionExA
GetProcAddress
GetModuleHandleA
WriteFile
GetLastError
DeviceIoControl
OutputDebugStringA
GetSystemDirectoryA
CloseHandle
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
FlushFileBuffers

advapi32

StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA

Exports

Exports

DlPortReadPortUchar
DlPortReadPortUlong
DlPortReadPortUshort
DlPortWritePortUchar
DlPortWritePortUlong
DlPortWritePortUshort
GetPhysLong
Inp32
IsInpOutDriverOpen
IsXP64Bit
MapPhysToLin
Out32
SetPhysLong
UnmapPhysicalMemory

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
httpfiles/idoom.wav
httpfiles/navalaugh1.wav
httpfiles/oab.wmv
httpfiles/snoop.jpg
.jpg
httpfiles/sweetdreams.jpg
.jpg

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 226KB - Virtual size: 226KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 49KB - Virtual size: 49KB

.rsrc Size: 1024B - Virtual size: 712B

.reloc Size: 512B - Virtual size: 12B

Headers

File Characteristics

Exports

Exports

Sections

Size: 31KB - Virtual size: 68KB

Size: 2KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 312KB - Virtual size: 311KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 512B - Virtual size: 12B

c7b2fa58ffd099e5f335c337d3bb6689

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 226KB - Virtual size: 226KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 8KB - Virtual size: 4KB