SimpleSoundBoard[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

SimpleSoundBoard.rar
Size

348KB
MD5

7b4a5b64996fdcb1e2932cb67de3f0aa
SHA1

8b8a487a517c2a2fb7f27a46e835a7b548d0d1ba
SHA256

68ce8c2149b4eab7e6a8aea2c101b414d9ad64b6f2b6ad2c44ae2a61d36725f8
SHA512

2637461bccae26abe9643dbc29279660826641257133bac19658b4b883f0e19dd31db5d133037202b5554a27343d41a85c6e439b09c9e8f6c98cdda32e4bba8e
SSDEEP

6144:EnGwLbp6oUDhhkDrxPSkr3JZ/J9wfPMRrPRWMpsbeWy4AXkGaWgL9XpEdx1rvVXt:EnGwLFxU3kDr1SkDJxfkERrPQAYdy4Z8

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HotkeyControl.dll
unpack001/SimpleSoundPlayer.exe
unpack001/ikpFlac.dll
unpack001/ikpMP3.dll
unpack001/irrKlang.NET4.dll

Files

SimpleSoundBoard.rar
.rar
HotkeyControl.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SimpleSoundPlayer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
devices.txt
ikpFlac.dll
.dll windows x86

6208743ef56abc70237817775bc57aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetFileType
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetStartupInfoA
HeapSize
SetStdHandle
GetSystemTimeAsFileTime
CloseHandle
CreateFileA
SetFilePointer
MultiByteToWideChar
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSection
LoadLibraryA
LCMapStringA
LCMapStringW
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Exports

Exports

?irrKlangPluginInit@@YGXPAVISoundEngine@irrklang@@PBD@Z

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ikpMP3.dll
.dll windows x86

36d375e758898d13b9c225d2a3e9fd95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

Exports

Exports

?irrKlangPluginInit@@YGXPAVISoundEngine@irrklang@@PBD@Z

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
irrKlang.NET4.dll
.dll windows x86

41ea4558decdc5b17adc72bfdbf84192

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr100

fread
_crt_debugger_hook
ftell
??2@YAPAXI@Z
fopen
fclose
?__ExceptionPtrCopy@@YAXPAXPBX@Z
wcstombs
??_V@YAXPAX@Z
_cexit
__FrameUnwindFilter
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
?terminate@@YAXXZ
??3@YAXPAX@Z
_purecall
sin
labs
ldexp
fabs
abs
ceil
perror
_mkdir
fseek
acos
frexp
toupper
memchr
memmove
strcpy
calloc
floor
realloc
strcmp
memset
strcat
sprintf
printf
??_U@YAPAXI@Z
strlen
_getcwd
_chdir
_errno
_splitpath
memcmp
log
memcpy
fmod
sqrt
atan
_findclose
_findnext64i32
_findfirst64i32
_beginthreadex
strstr
malloc
exp
pow
qsort
fprintf
__iob_func
exit
abort
cos

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetVersionExA
SetThreadPriority
ResumeThread
SetEvent
CloseHandle
CreateEventA
QueryPerformanceFrequency
OutputDebugStringA
GetModuleHandleA
LoadLibraryA
GetProcAddress
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
EncodePointer
DecodePointer
InterlockedExchange
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

winmm

waveOutWrite
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutPrepareHeader

ole32

CoUninitialize
CoInitialize
CoCreateInstance

user32

MsgWaitForMultipleObjects
DefWindowProcA
RegisterClassA
CreateWindowExA
DestroyWindow
MessageBoxA

mscoree

_CorDllMain

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 5KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 103KB - Virtual size: 102KB

.rsrc Size: 82KB - Virtual size: 82KB

.reloc Size: 512B - Virtual size: 12B

6208743ef56abc70237817775bc57aba

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 9KB

36d375e758898d13b9c225d2a3e9fd95

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 58KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

41ea4558decdc5b17adc72bfdbf84192

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

winmm

ole32

user32

mscoree

Sections

.text Size: 305KB - Virtual size: 305KB

.rdata Size: 100KB - Virtual size: 100KB

.data Size: 69KB - Virtual size: 74KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 82KB - Virtual size: 82KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 58KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 305KB - Virtual size: 305KB

.rdata
Size: 100KB - Virtual size: 100KB

.data
Size: 69KB - Virtual size: 74KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB