srb2win[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

srb2win.exe
Size

4.8MB
MD5

85c6ed9ded6a5158d4cd88eae723f3d7
SHA1

1be0910cd4b5b5bb739a7bcb2195b1034b949fcc
SHA256

6d08ae7c7104b4657071af8723ce9cef0d150f5d96f5350a2df5cde65dbcadf3
SHA512

534ab97502567a59fb9e441b85283b0b0f5c4ee279b02bbdd79441f720021452628b08deb12033c3baf950105f2abbf0a2a22d66de5a22e913a80aa040d0cac8
SSDEEP

98304:M+vaBQ3r1O/CFo28tcLJHcfBsJ4ncAvHoAJ8sfJJsxm7YtVH8CE/tgBnF:M/BQ3hGCiopOBsJ6cMXfJCcNWF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
srb2win.exe

Files

srb2win.exe
.exe windows x86

319b91b8a01d040e17bd05ec449a9406

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_easy_cleanup
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_free
curl_global_cleanup
curl_global_init

libgme

gme_delete
gme_free_info
gme_open_data
gme_play
gme_set_equalizer
gme_set_tempo
gme_start_track
gme_tell
gme_track_count
gme_track_ended
gme_track_info

libopenmpt

openmpt_error_string
openmpt_get_string
openmpt_module_create_from_memory2
openmpt_module_ctl_set
openmpt_module_destroy
openmpt_module_error_get_last
openmpt_module_get_duration_seconds
openmpt_module_get_num_subsongs
openmpt_module_get_position_seconds
openmpt_module_read_interleaved_stereo
openmpt_module_select_subsong
openmpt_module_set_position_seconds
openmpt_module_set_render_param
openmpt_module_set_repeat_count
openmpt_probe_file_header
openmpt_probe_file_header_get_recommended_size

sdl2

SDL_AddTimer
SDL_AtomicGet
SDL_AtomicGetPtr
SDL_AtomicSet
SDL_AtomicSetPtr
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CreateCond
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateRenderer
SDL_CreateTexture
SDL_CreateThread
SDL_CreateWindow
SDL_Delay
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroyRenderer
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DetachThread
SDL_FreeSurface
SDL_GL_CreateContext
SDL_GL_DeleteContext
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_MakeCurrent
SDL_GL_SetSwapInterval
SDL_GL_SwapWindow
SDL_GetClipboardText
SDL_GetCurrentVideoDriver
SDL_GetError
SDL_GetKeyboardFocus
SDL_GetModState
SDL_GetMouseFocus
SDL_GetMouseState
SDL_GetPerformanceCounter
SDL_GetPerformanceFrequency
SDL_GetRelativeMouseMode
SDL_GetVersion
SDL_GetWindowDisplayIndex
SDL_GetWindowSize
SDL_Has3DNow
SDL_HasAltiVec
SDL_HasClipboardText
SDL_HasMMX
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_Init
SDL_InitSubSystem
SDL_JoystickClose
SDL_JoystickGetAttached
SDL_JoystickGetHat
SDL_JoystickInstanceID
SDL_JoystickName
SDL_JoystickNameForIndex
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickUpdate
SDL_LoadFunction
SDL_LoadObject
SDL_LockAudio
SDL_LockMutex
SDL_LockSurface
SDL_NumJoysticks
SDL_PixelFormatEnumToMasks
SDL_PollEvent
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromFile
SDL_RWFromMem
SDL_RWclose
SDL_RaiseWindow
SDL_RemoveTimer
SDL_RenderClear
SDL_RenderCopy
SDL_RenderPresent
SDL_RenderSetLogicalSize
SDL_SetClipboardText
SDL_SetHintWithPriority
SDL_SetMainReady
SDL_SetPaletteColors
SDL_SetRelativeMouseMode
SDL_SetWindowFullscreen
SDL_SetWindowGrab
SDL_SetWindowIcon
SDL_SetWindowPosition
SDL_SetWindowSize
SDL_ShowCursor
SDL_ShowSimpleMessageBox
SDL_UnloadObject
SDL_UnlockAudio
SDL_UnlockMutex
SDL_UnlockSurface
SDL_UpdateTexture
SDL_UpperBlit
SDL_WaitThread
SDL_WarpMouseInWindow
SDL_WasInit
SDL_free
SDL_memset
SDL_setenv

sdl2_mixer_ext

Mix_AllocateChannels
Mix_CloseAudio
Mix_FreeChunk
Mix_FreeMusic
Mix_GetMidiPlayer
Mix_GetMusicPosition
Mix_GetMusicTotalTime
Mix_GetMusicType
Mix_GetSoundFonts
Mix_HaltChannel
Mix_HaltMusic
Mix_HookMusic
Mix_HookMusicFinished
Mix_Init
Mix_LoadMUS_RW
Mix_LoadWAV_RW
Mix_OpenAudio
Mix_PauseMusic
Mix_PlayChannelTimed
Mix_PlayMusic
Mix_Playing
Mix_QuickLoad_RAW
Mix_Quit
Mix_RegisterEffect
Mix_ResumeMusic
Mix_RewindMusic
Mix_SetMidiPlayer
Mix_SetMusicPosition
Mix_SetPanning
Mix_SetSoundFonts
Mix_Timidity_addToPathList
Mix_UnregisterEffect
Mix_Volume
Mix_VolumeMusic

advapi32

GetUserNameA

kernel32

AllocConsole
ClearCommError
CloseHandle
CreateDirectoryA
CreateFileA
DeleteCriticalSection
EnterCriticalSection
EscapeCommFunction
FormatMessageA
FreeConsole
FreeLibrary
GetCommState
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetDiskFreeSpaceA
GetFileAttributesA
GetFileInformationByHandle
GetFileType
GetLastError
GetModuleHandleA
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemInfo
GlobalMemoryStatus
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
OpenFileMappingW
PurgeComm
ReadConsoleInputA
ReadConsoleOutputCharacterA
ReadFile
SetCommMask
SetCommState
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetConsoleTitleA
SetCurrentDirectoryA
SetStdHandle
SetUnhandledExceptionFilter
SetupComm
Sleep
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputCharacterA
WriteFile

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__acmdln
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_access
_amsg_exit
_beginthreadex
_cexit
_commode
_endthreadex
_errno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_fullpath
_getcwd
_hypot
_initterm
_iob
_lock
_onexit
_putenv
_setjmp
_setjmp3
_stat
_strdup
_stricmp
_stricmp
_strlwr
_strnicmp
_strnicmp
_strupr
_unlink
_unlock
abort
atan
atof
atoi
atol
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getenv
gmtime
isalnum
isalpha
iscntrl
islower
isprint
ispunct
isspace
isupper
isxdigit
localtime
localeconv
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
modf
pow
qsort
raise
setlocale
rand
realloc
remove
setbuf
setvbuf
signal
sin
sqrt
srand
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
tan
time
tmpfile
tolower
toupper
ungetc
vfprintf
wcslen
wcsncpy

ws2_32

WSAAddressToStringA
WSACleanup
WSAGetLastError
WSAIoctl
WSAStartup
__WSAFDIsSet
bind
closesocket
gethostbyname
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
ntohs
recvfrom
select
sendto
setsockopt
socket

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 775KB - Virtual size: 775KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 854KB - Virtual size: 853KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 76.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

319b91b8a01d040e17bd05ec449a9406

Headers

DLL Characteristics

File Characteristics

Imports

libcurl

libgme

libopenmpt

sdl2

sdl2_mixer_ext

advapi32

kernel32

msvcrt

ws2_32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 775KB - Virtual size: 775KB

.rdata Size: 854KB - Virtual size: 853KB

/4 Size: 240KB - Virtual size: 240KB

.bss Size: - Virtual size: 76.1MB

.idata Size: 11KB - Virtual size: 11KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 151KB - Virtual size: 150KB

/14 Size: 512B - Virtual size: 24B

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 775KB - Virtual size: 775KB

.rdata
Size: 854KB - Virtual size: 853KB

/4
Size: 240KB - Virtual size: 240KB

.bss
Size: - Virtual size: 76.1MB

.idata
Size: 11KB - Virtual size: 11KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 151KB - Virtual size: 150KB

/14
Size: 512B - Virtual size: 24B