ddba3d9bc22c864e69deb936cd3f72c2d52769aa03158947f744869bc938f108

Sharing

Copy URL Twitter E-mail

General

Target

ddba3d9bc22c864e69deb936cd3f72c2d52769aa03158947f744869bc938f108
Size

257KB
MD5

197051d082a185623957f817be055b21
SHA1

2ce416bb0f6d88188108df9b543e9f1a7a3e52ae
SHA256

ddba3d9bc22c864e69deb936cd3f72c2d52769aa03158947f744869bc938f108
SHA512

61d80f8f563ee99c9b48d4abe60a31ed91081e7e4d0e8813e586c352aedb2595e2d87ba0424a4796f62d3530d86e9772515cd72339c9a049f342afc299869782
SSDEEP

3072:64LkwsmpyQZ7ZaNQkGnyLzKYlJys5O5ejTRzlntlNk76GPAk51oHyvdVY2:fkwR1aNnU4Wshzlny7LrcyFV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddba3d9bc22c864e69deb936cd3f72c2d52769aa03158947f744869bc938f108

Files

ddba3d9bc22c864e69deb936cd3f72c2d52769aa03158947f744869bc938f108
.dll windows:6 windows x64 arch:x64

7afac8362dc48dab8022943b82684af7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
DecodePointer
HeapAlloc
HeapFree
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetSystemTimeAsFileTime
GetCurrentProcess
IsDebuggerPresent
GetProcAddress
OutputDebugStringW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

user32

SendDlgItemMessageW
SetWindowTextW
GetDlgItem
SendMessageW
ShowWindow
CreateDialogParamW
GetDlgItemInt
SetDlgItemInt
wsprintfW
EnableWindow
DestroyWindow
SetWindowLongPtrW
DialogBoxParamW
wsprintfA
EndDialog
UnregisterClassW

shared

uGetDlgItemText
uSendMessageText
?calculate_peak@audio_math@@YANPEBN_K@Z
GetInfiniteWaitEvent
uPrintfV
uExceptFilterProc
uGetWindowText
uSetWindowText
uSetDlgItemText
uPrintCrashInfo_OnEvent
uBugCheck
ModalDialog_Switch

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
__C_specific_handler
memcpy
memmove
__std_type_info_destroy_list
memset
_CxxThrowException
memcmp

api-ms-win-crt-heap-l1-1-0

free
_expand
calloc
_aligned_malloc
_aligned_free
malloc
realloc
_callnewh
_aligned_realloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

llround
cos
log10
lround
pow
sin
tanh

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7afac8362dc48dab8022943b82684af7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shared

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 138KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 2KB

.pdata Size: 7KB - Virtual size: 7KB

_RDATA Size: 68KB - Virtual size: 67KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 139KB - Virtual size: 138KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 2KB

.pdata
Size: 7KB - Virtual size: 7KB

_RDATA
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB

.movehcs
Size: 512B - Virtual size: 4KB