3a95c01183b845c4b9decebe7edf4ec789e4db25054740bb9d52294f163a4a2bN

Sharing

Copy URL Twitter E-mail

General

Target

3a95c01183b845c4b9decebe7edf4ec789e4db25054740bb9d52294f163a4a2bN
Size

4.1MB
MD5

1312237b428a5f2f690de6c05b57c7c0
SHA1

7318bb30068262cef51c6eb0900746b185a93b37
SHA256

3a95c01183b845c4b9decebe7edf4ec789e4db25054740bb9d52294f163a4a2b
SHA512

816a5bd4e29288bcda836d01d2048aa2adbff6e3aa1235694c612a4aaca540b9b9e54452ef4e42ff5444af456683412fc585f18f8ce6ca1fe3712364cdcf60af
SSDEEP

98304:H5Py62Hfb/duOztNECS6mTtWPBnu30UV7UUCjeeYO:Zl2HfbFuOhS6esu7Pe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a95c01183b845c4b9decebe7edf4ec789e4db25054740bb9d52294f163a4a2bN

Files

3a95c01183b845c4b9decebe7edf4ec789e4db25054740bb9d52294f163a4a2bN
.dll windows:6 windows x64 arch:x64

c41ccf2adf9061b29f4096daf1913017

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\BuildProducts\se_vst3\x64\Release\se_vst3.pdb

Imports

d3d11

D3D11CreateDevice

kernel32

GetVersionExW
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

WindowFromPoint
GetProcessWindowStation
GetUserObjectInformationW

gdi32

ChoosePixelFormat

comdlg32

GetSaveFileNameW

shell32

SHGetFolderPathW

ole32

GetHGlobalFromStream

d2d1

ord1

dwrite

DWriteCreateFactory

msvcp140

_Cnd_wait

gdiplus

GdiplusStartup

opengl32

wglCreateContext

vcruntime140

__std_type_info_name

api-ms-win-crt-stdio-l1-1-0

fgetpos

api-ms-win-crt-heap-l1-1-0

realloc

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-math-l1-1-0

atan2

api-ms-win-crt-runtime-l1-1-0

_cexit

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-convert-l1-1-0

strtod

api-ms-win-crt-filesystem-l1-1-0

_unlock_file

api-ms-win-crt-time-l1-1-0

_time64

Exports

Exports

ExitDll
GetPluginFactory
InitDll
MAIN
VSTPluginMain

Sections

.text
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 775KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c41ccf2adf9061b29f4096daf1913017

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

kernel32

user32

gdi32

comdlg32

shell32

ole32

d2d1

dwrite

msvcp140

gdiplus

opengl32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: - Virtual size: 1.6MB

.rdata Size: - Virtual size: 676KB

.data Size: - Virtual size: 69KB

.pdata Size: - Virtual size: 108KB

.gfids Size: - Virtual size: 52B

.tls Size: - Virtual size: 9B

_RDATA Size: - Virtual size: 5KB

.vmp0 Size: - Virtual size: 1.7MB

.vmp1 Size: 4.1MB - Virtual size: 4.1MB

.reloc Size: 512B - Virtual size: 176B

.rsrc Size: 2KB - Virtual size: 775KB

.text
Size: - Virtual size: 1.6MB

.rdata
Size: - Virtual size: 676KB

.data
Size: - Virtual size: 69KB

.pdata
Size: - Virtual size: 108KB

.gfids
Size: - Virtual size: 52B

.tls
Size: - Virtual size: 9B

_RDATA
Size: - Virtual size: 5KB

.vmp0
Size: - Virtual size: 1.7MB

.vmp1
Size: 4.1MB - Virtual size: 4.1MB

.reloc
Size: 512B - Virtual size: 176B

.rsrc
Size: 2KB - Virtual size: 775KB