5982ba93164b2810e67c133c9f7215e0

Sharing

Copy URL Twitter E-mail

General

Target

5982ba93164b2810e67c133c9f7215e0
Size

1.3MB
MD5

5982ba93164b2810e67c133c9f7215e0
SHA1

4b3fb397b2b8013447c677abeac221679a71481f
SHA256

489462252a8dd7cd9c921ac3f044696bacfed8135bd74560da3738705e9f93bf
SHA512

b6753aa0bd989e410d36f681320d6a0850a51a173c57649b84d5a193342cccda2ce7572afe71d9b0130f6eb25ca1a86f87836b0cf83b52cb8fed87fd6678d729
SSDEEP

24576:zKzlxaGv9VH6wDtgKzbmLKAEy2dC0XBqeWr8F/o0vGvN8YibuWXjK+gXANu0E5UU:zslxaGvbt/bQKAEy2dBRPWQJQVGuWzKt

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Mscomctl.OCX	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Mp3RainBow.exe	upx
static1/unpack001/Mscomctl.OCX	upx

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Menu.ocx
unpack001/Mp3.dll
unpack001/Mp3RainBow.exe
unpack002/out.upx
unpack001/Mscomctl.OCX
unpack003/out.upx
unpack001/MusicInfo.dll
unpack001/MusicLyrics.dll
unpack001/Support/DriveDir.ocx
unpack001/Support/vb6chs.dll
unpack001/bass.dll
unpack001/bass_ape.dll
unpack001/bassflac.dll
unpack001/basswma.dll

Files

5982ba93164b2810e67c133c9f7215e0
.rar
Menu.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

002d464f5542e4ac4014a0becc3edf83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
ord693
__vbaVarVargNofree
__vbaFreeVar
__vbaCyMul
__vbaLenBstr
__vbaStrVarMove
__vbaAptOffset
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
ord513
__vbaVarIndexStore
__vbaNextEachVar
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaVarSetVarAddref
__vbaResume
__vbaCopyBytes
__vbaForEachCollAd
__vbaStrCat
ord629
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
ord556
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaVarCmpGe
__vbaAryDestruct
__vbaVarIndexLoadRefLock
EVENT_SINK2_Release
__vbaExitProc
__vbaForEachCollObj
ord300
ord301
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
ord303
__vbaVarIndexStoreObj
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
__vbaFpR4
ord306
__vbaForEachCollVar
__vbaBoolVar
ord307
ord309
__vbaBoolVarNull
__vbaVarTstLt
__vbaRefVarAry
_CIsin
__vbaErase
ord525
ord632
__vbaVarZero
__vbaNextEachCollObj
__vbaChkstk
__vbaCyVar
ord526
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaExitEachColl
__vbaVarTstEq
__vbaAryConstruct2
__vbaCyI4
__vbaNextEachCollVar
__vbaI2I4
ord562
DllFunctionCall
__vbaVarOr
__vbaFpUI1
__vbaCastObjVar
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord601
__vbaUI1I2
_CIsqrt
__vbaObjIs
__vbaRedimVar
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaUI1I4
__vbaExceptHandler
ord711
ord712
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFailedFriend
ord607
__vbaVarDiv
ord608
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaStrVarVal
__vbaUbound
__vbaVarCat
__vbaCheckType
__vbaI2Var
ord537
ord644
_CIlog
__vbaErrorOverflow
ord647
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
EVENT_SINK2_AddRef
ord681
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
__vbaVarTstNe
ord101
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord105
__vbaVarAdd
__vbaAryLock
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaVerifyVarObj
ord616
__vbaVarCopy
__vbaUnkVar
__vbaVarLateMemCallLd
__vbaFpI4
__vbaRecDestructAnsi
__vbaVarSetObjAddref
__vbaLateMemCallLd
ord617
_CIatan
ord618
__vbaStrMove
__vbaCastObj
__vbaForEachVar
__vbaI4Cy
_allmul
__vbaLateIdSt
ord652
_CItan
__vbaNextEachCollAd
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mp3.dll
.dll windows:4 windows x86 arch:x86

17831cd6d91ae3f26684dc05c2bd46a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2859
ord3571
ord5785
ord5647
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord1089
ord3953
ord2982
ord3147
ord3922
ord3259
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord758
ord2158
ord475
ord562
ord323
ord1640
ord640
ord816
ord1270
ord2393
ord1168
ord4465
ord5791
ord3626
ord3692
ord3663
ord2414
ord1641
ord823
ord5714
ord5289
ord815
ord600
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1197
ord269
ord1578
ord6467
ord1255
ord826
ord1570
ord1253
ord1243

msvcrt

??1type_info@@UAE@XZ
free
malloc
__dllonexit
_onexit
_initterm
_adjust_fdiv
rand
_EH_prolog
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

user32

ReleaseDC
GetDC
SetRect
PtInRect

gdi32

CreatePalette
DeleteObject
SetDIBitsToDevice
RealizePalette
GetDeviceCaps
GdiFlush
CreateDIBSection
GetDIBColorTable
SelectObject
CreateCompatibleDC
GetObjectA
GetPixel
CreateDiscardableBitmap

msvfw32

DrawDibSetPalette
DrawDibRealize
DrawDibDraw
DrawDibClose

Exports

Exports

WaterInit
WaterMouseAction
WaterTimer

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mp3RainBow.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 968KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mp3RainBowSet.ini
Mscomctl.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 684KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 385KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.text
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MusicInfo.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllEnterPoint
GetMusic_Album
GetMusic_Artist
GetMusic_BitRate
GetMusic_Channels
GetMusic_Comment
GetMusic_Duration
GetMusic_SampleRate
GetMusic_Title
GetMusic_Track
GetMusic_Year
OpenMusicFile
SaveMusicFile
SetMusic_Album
SetMusic_Artist
SetMusic_Comment
SetMusic_Title
SetMusic_Track
SetMusic_Year

Sections

CODE
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 543B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MusicLyrics.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllEnterPoint
GetLyricAlbum
GetLyricArtist
GetLyricFileName
GetLyricLink
GetLyricLinkType
GetLyricSelf
GetLyricTitle
GetLyricsCount
SaveLyricSelf

Sections

CODE
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/DriveDir.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

e0f69d3c1560bf9e9f641c604fce7014

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

ord587
MethCallEngine
ord516
ord517
ord595
ord598
EVENT_SINK_AddRef
ord527
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord717
ProcCallEngine
ord537
ord644
ord648
ord573
ord685
ord101
ord102
ord103
ord104
ord105
ord616
ord618
ord650
ord546
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Support/vb6chs.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Support/新云软件.url
.url
What's New.txt
bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetEAXMix
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelGetTags
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelPreBuf
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetDevice
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetFlags
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXReset
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetAttribute
BASS_MusicGetOrderPosition
BASS_MusicGetOrders
BASS_MusicLoad
BASS_MusicSetAttribute
BASS_Pause
BASS_PluginFree
BASS_PluginGetInfo
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetChannels
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_Update
_

Sections

Size: 86KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bass_ape.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_APE_StreamCreateFile
BASS_APE_StreamCreateFileUser
BASSplugin

Sections

Size: 30KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 984B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bassflac.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_FLAC_StreamCreateFile
BASS_FLAC_StreamCreateFileUser
BASS_FLAC_StreamCreateURL
BASSplugin

Sections

Size: 22KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 576B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
basswma.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_WMA_EncodeClose
BASS_WMA_EncodeGetClients
BASS_WMA_EncodeGetPort
BASS_WMA_EncodeGetRates
BASS_WMA_EncodeOpen
BASS_WMA_EncodeOpenFile
BASS_WMA_EncodeOpenNetwork
BASS_WMA_EncodeOpenNetworkMulti
BASS_WMA_EncodeOpenPublish
BASS_WMA_EncodeOpenPublishMulti
BASS_WMA_EncodeSetNotify
BASS_WMA_EncodeSetTag
BASS_WMA_EncodeWrite
BASS_WMA_GetWMObject
BASS_WMA_StreamCreateFile
BASS_WMA_StreamCreateFileAuth
BASS_WMA_StreamCreateFileUser
BASSplugin

Sections

Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

002d464f5542e4ac4014a0becc3edf83

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 223KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 20KB - Virtual size: 18KB

17831cd6d91ae3f26684dc05c2bd46a4

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

msvfw32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 848B

.reloc Size: 4KB - Virtual size: 1KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 968KB

UPX1 Size: 340KB - Virtual size: 340KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 4KB - Virtual size: 57KB

.rsrc Size: 8KB - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 684KB

UPX1 Size: 385KB - Virtual size: 388KB

.rsrc Size: 151KB - Virtual size: 152KB

Headers

File Characteristics

Sections

.text Size: 688KB - Virtual size: 687KB

.data Size: 32KB - Virtual size: 28KB

.rsrc Size: 280KB - Virtual size: 279KB

.reloc Size: 40KB - Virtual size: 38KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 382KB - Virtual size: 381KB

DATA Size: 6KB - Virtual size: 6KB

BSS Size: - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 8KB

.edata Size: 1024B - Virtual size: 543B

.reloc Size: 26KB - Virtual size: 25KB

.rsrc Size: 22KB - Virtual size: 22KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 427KB - Virtual size: 426KB

.text
Size: 224KB - Virtual size: 223KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 20KB - Virtual size: 18KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 848B

.reloc
Size: 4KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 968KB

UPX1
Size: 340KB - Virtual size: 340KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 4KB - Virtual size: 57KB

.rsrc
Size: 8KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 684KB

UPX1
Size: 385KB - Virtual size: 388KB

.rsrc
Size: 151KB - Virtual size: 152KB

.text
Size: 688KB - Virtual size: 687KB

.data
Size: 32KB - Virtual size: 28KB

.rsrc
Size: 280KB - Virtual size: 279KB

.reloc
Size: 40KB - Virtual size: 38KB

CODE
Size: 382KB - Virtual size: 381KB

DATA
Size: 6KB - Virtual size: 6KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 1024B - Virtual size: 543B

.reloc
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 22KB - Virtual size: 22KB

CODE
Size: 427KB - Virtual size: 426KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 302B

.reloc
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 27KB - Virtual size: 27KB

.text
Size: 120KB - Virtual size: 117KB

.data
Size: - Virtual size: 8KB

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 8KB - Virtual size: 7KB

.rdata
Size: 512B - Virtual size: 112B

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 568B - Virtual size: 4KB

.rsrc
Size: 984B - Virtual size: 4KB

.rsrc
Size: 576B - Virtual size: 4KB

.rsrc
Size: 568B - Virtual size: 4KB