ValhallaUberMod.vst3

Sample information


Antivirus detections: 0
IDS alerts: 0
Processes: 4
Http events: 0
Contacted hosts: 0
DNS Requests: 0
Score: 8

Blacklist timeline


First seen: Tue Jul 01 2025 00:45:03 GMT+0000
Last seen: Tue Jul 01 2025 04:00:15 GMT+0000
Period: 3 hours

Hashes
Filename: ValhallaUberMod.vst3
md5: 843dbc5129355bc56c9e8ac9a228e1c5
sha1: dc1bdf41f19c890a963a4c5a03bbc53ee627a3c3
sha256: 14850c71d3230ee213c4dd1648ed077c9f1b4bf12985fd4402a1f30f9032e7fb

In depth details
Filetype: PE32+ executable (DLL) (GUI) x86-64, for MS Window ...
Size (Bytes): 4144128
Classification: malicious

Dates
Indexed: Tue Jul 01 2025 00:35:48 GMT+0000 (2 months ago)
Last modified: Tue Jul 01 2025 04:00:16 GMT+0000 (2 months ago)

Developers can check API Specification here:


Request:

          
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/14850c71d3230ee213c4dd1648ed077c9f1b4bf12985fd4402a1f30f9032e7fb
        

Request:

Alternatively you can use Maltiverse Python3 Library:
          
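import json

import requests

# Sample lookup endpoint, keyed by the file's SHA-256
url = 'https://api.maltiverse.com/sample/14850c71d3230ee213c4dd1648ed077c9f1b4bf12985fd4402a1f30f9032e7fb'
# Use a timeout so the call cannot hang, and fail on HTTP errors before parsing
response = requests.get(url, timeout=30)
response.raise_for_status()
print(json.dumps(response.json(), indent=4, sort_keys=True))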
        

Request:

          
$url = 'https://api.maltiverse.com/sample/14850c71d3230ee213c4dd1648ed077c9f1b4bf12985fd4402a1f30f9032e7fb'
$headers =  @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
        

Response:

      
{
    "blacklist": [
        {
            "count": 17,
            "description": "Generic Malware",
            "first_seen": "2025-07-01 00:45:03",
            "last_seen": "2025-07-01 04:00:15",
            "ref": [
                21745
            ],
            "source": "Hybrid-Analysis"
        }
    ],
    "classification": "malicious",
    "creation_time": "2025-07-01 00:35:48",
    "filename": [
        "ValhallaUberMod.vst3"
    ],
    "filetype": "PE32+ executable (DLL) (GUI) x86-64, for MS Window ...",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "843dbc5129355bc56c9e8ac9a228e1c5",
    "modification_time": "2025-07-01 04:00:16",
    "process_list": [
        {
            "name": "<Ignored Process>",
            "uid": "00000000-00001340"
        },
        {
            "commandline": "\"C:\\ValhallaUberMod.vst3.dll\",#1",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00004592"
        },
        {
            "commandline": "\"C:\\ValhallaUberMod.vst3.dll\",#2",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00001492"
        },
        {
            "commandline": "\"C:\\ValhallaUberMod.vst3.dll\",#3",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00000408"
        }
    ],
    "score": 8,
    "scoring_executed_time": "2025-07-01 00:45:04",
    "sha1": "dc1bdf41f19c890a963a4c5a03bbc53ee627a3c3",
    "sha256": "14850c71d3230ee213c4dd1648ed077c9f1b4bf12985fd4402a1f30f9032e7fb",
    "size": 4144128,
    "tag": [
        "evasive"
    ],
    "type": "sample"
}
    
Process list
uid: 00000000-00001340
commandline:
name: <Ignored Process>
normalizedpath:
sha256:

uid: 00000000-00004592
commandline: "C:\ValhallaUberMod.vst3.dll",#1
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6

uid: 00000000-00001492
commandline: "C:\ValhallaUberMod.vst3.dll",#2
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6

uid: 00000000-00000408
commandline: "C:\ValhallaUberMod.vst3.dll",#3
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6