wifiaudio_windows[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

wifiaudio_windows.exe
Size

738KB
MD5

352275fe6269f0233909ec62e4a57d40
SHA1

7fe696a07bfba9c933f75b919a2f81383c4d19a2
SHA256

557b304b02e631499c0baff11f990dc3477de2d09753a77241ff4cc65e933ddc
SHA512

b7fded9d900469250d05d4cbff94ec48050181ae392c36932ebee1fe1d1b196297ba06b6d1ace12d56dc8041e85770c51ef1a30cffeb388311fb9ab3f7793544
SSDEEP

12288:4koTL1gp+JNVhGMpp9tLWDLYaNzNmjk4fvjhiYJPz7TIQzD9eRkWGZtHKBx4fsGJ:cL1gp+JNVhGMpp9tLWDVNcLAQzMcZtEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
wifiaudio_windows.exe

Files

wifiaudio_windows.exe
.exe windows x86

30a927a99be98549bc3970261d2acac9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsW

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrlenW

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_fmode
_hypot
_initterm
_iob
_lock
_onexit
_setjmp3
_sopen
mktime
localtime
gmtime
clock
cosh
exit
fprintf
fputc
fputs
free
frexp
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
log10
malloc
memchr
memcmp
memcpy
memmove
memset
perror
printf
rand
realloc
setlocale
signal
sinh
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strrchr
strspn
strtol
strtoul
_ultoa
_unlock
_wsopen
abort
acos
asin
atan
atoi
tan
tanh
tolower
ungetc
vfprintf
wcscmp
wcslen
bsearch
calloc
longjmp
_strdup
_read
_fdopen
_close

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree

shell32

Shell_NotifyIconW

user32

CheckDlgButton
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyMenu
DispatchMessageW
FindWindowW
GetCursorPos
GetDesktopWindow
GetMessageW
GetSysColorBrush
GetSystemMetrics
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
InsertMenuW
IsDlgButtonChecked
IsWindowVisible
LoadCursorW
LoadImageW
MessageBoxW
PostQuitMessage
RegisterClassW
SendMessageW
SetFocus
SetForegroundWindow
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMessage
wsprintfW

wsock32

WSAStartup
bind
closesocket
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
recvfrom
sendto
setsockopt
socket

Sections

.text
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30a927a99be98549bc3970261d2acac9

Headers

File Characteristics

Imports

advapi32

avrt

kernel32

msvcrt

ole32

shell32

user32

wsock32

Sections

.text Size: 571KB - Virtual size: 570KB

.data Size: 512B - Virtual size: 252B

.rdata Size: 139KB - Virtual size: 138KB

.rodata Size: 512B - Virtual size: 208B

.bss Size: - Virtual size: 7KB

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 56B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 571KB - Virtual size: 570KB

.data
Size: 512B - Virtual size: 252B

.rdata
Size: 139KB - Virtual size: 138KB

.rodata
Size: 512B - Virtual size: 208B

.bss
Size: - Virtual size: 7KB

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 56B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 19KB - Virtual size: 19KB