74825e924d93d01563c99f947aa5687b

Sharing

Copy URL

Twitter E-mail

General

Target

74825e924d93d01563c99f947aa5687b
Size

741KB
MD5

74825e924d93d01563c99f947aa5687b
SHA1

5035f76b6504557349685835c8985b4225c7d4fe
SHA256

f59b9ff344d986ea37b2af26bd6bdf4bba7d004b0f6efd82cfb050dc8b2e94ef
SHA512

11d6e2cf363ce279bfdd5410867be204deff77c809b7d9a6bf5c5d02e4be285cb88331d8f259af3ad77168a6162c17bc4926e3f0bf004ac04dd4fff2ec4fe2f5
SSDEEP

12288:OPhxl7DTX7b9Ihk1J+v0qcGyIA01nOIFYibqKUeF1sjCAco9PSu9tWUfG:OP3lnTXX11k0E/YQbq0F1KCAcoHt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/Plugins/gen_hotkeys.dll
unpack001/Plugins/gen_jumpex.dll
unpack001/Plugins/gen_tray.dll
unpack001/Plugins/in_cdda.dll
unpack001/Plugins/in_mp3.dll
unpack001/Plugins/in_wave.dll
unpack001/Plugins/out_ds.dll
unpack001/Plugins/out_wave.dll
unpack001/Plugins/vis_nsfs.dll
unpack001/winamp.exe
unpack001/winampa.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

74825e924d93d01563c99f947aa5687b
.exe windows:4 windows x86 arch:x86

1cf4252ebbb4f173d97a6ef4f79a60b5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04-12-2003 00:00

Not After

03-12-2008 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2009 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:47:e8:e4:1e:c5:d0:5d:3b:67:1b:af:2e:a3:af:e8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

20-12-2004 00:00

Not After

20-12-2005 23:59

Subject

CN=AOL\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=AOL Music,O=AOL\, Inc.,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
WaitForSingleObject
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
GlobalFree
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
SetFilePointer
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
lstrcpynA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

1f4c4faa2a5228733f7ee5edf40f6693

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
WritePrivateProfileStringA
lstrcpynA
lstrcatA
lstrcpyA
GetPrivateProfileIntA
MultiByteToWideChar
GetModuleHandleA
lstrcmpiA
GlobalFree
GetPrivateProfileStringA
GlobalAlloc

user32

GetWindowLongA
DrawTextA
SetCursor
LoadCursorA
PtInRect
MapWindowPoints
GetDlgCtrlID
GetClientRect
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
LoadIconA

gdi32

SetTextColor
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/classic256.bmp
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern256.bmp
$PLUGINSDIR/opt2page.ini
$PLUGINSDIR/opt3page.ini
Plugins/gen_hotkeys.dll
.dll windows:4 windows x86 arch:x86

18aa7da9cd6c9d646d1e5f5786dfae78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

IsWindowVisible
EmptyClipboard
CloseClipboard
SetForegroundWindow
ShowWindow
OpenClipboard
SetClipboardData
MapVirtualKeyA
GetKeyNameTextA
SetWindowTextA
IsWindow
RegisterWindowMessageA
UnregisterHotKey
RegisterHotKey
KillTimer
CallWindowProcA
MessageBoxA
GetWindowLongA
SetWindowLongA
SetTimer
GetWindowTextA
GetDlgItem
GetFocus
SendMessageA
EnableWindow
GetClientRect
GetSystemMetrics
LoadBitmapA
CheckDlgButton
wsprintfA
GetForegroundWindow
GetWindowThreadProcessId

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
HeapReAlloc
lstrcpynA
GlobalDeleteAtom
GetTickCount
GlobalAddAtomA
lstrcmpiA
CreateMutexA
GetLastError
GetPrivateProfileStringA
lstrcpyA
lstrlenA
lstrcatA
GetProcessHeap
HeapFree
SetLastError
GetPrivateProfileIntA
WritePrivateProfileStringA
HeapAlloc

gdi32

DeleteObject

comctl32

ImageList_Create
ImageList_AddMasked

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/gen_jumpex.dll
.dll windows:4 windows x86 arch:x86

0753a0d3b233ea466d9008fa48fe7235

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
LocalLock
GetPrivateProfileStringA
FindClose
LocalHandle
LocalFree
FindNextFileA
LocalUnlock
CloseHandle
LocalReAlloc
SetEndOfFile
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
CreateThread
lstrcmpiA
lstrcpyA
lstrcpynA
WaitForSingleObject
CreateFileA
WriteFile
GetCurrentProcess
OutputDebugStringA
GetCurrentThreadId
WritePrivateProfileStringA
GetLastError
SetSystemPowerState
CreateEventA
DisableThreadLibraryCalls
SuspendThread
GetModuleHandleA
SetEvent
Sleep
GetVersionExA
GetModuleFileNameA
DeleteFileA
LocalAlloc
VirtualQuery
VirtualProtect
ReadFile
lstrcatA
SetFilePointer
GetTickCount

user32

GetSubMenu
SetDlgItemTextA
ReleaseCapture
GetCapture
EnableMenuItem
SetTimer
IsWindow
DestroyMenu
TrackPopupMenuEx
LoadMenuA
MessageBoxIndirectA
CheckRadioButton
IsDlgButtonChecked
FillRect
GetWindowTextA
KillTimer
CheckMenuItem
CheckMenuRadioItem
WindowFromPoint
CreatePopupMenu
IsMenu
CreateWindowExA
MapWindowPoints
SystemParametersInfoA
SetMenuDefaultItem
SetCapture
GetDC
ReleaseDC
InsertMenuItemA
CallNextHookEx
SetWindowsHookExA
GetSysColor
CheckDlgButton
EnumThreadWindows
SendDlgItemMessageA
PtInRect
GetClientRect
ShowWindow
UnhookWindowsHookEx
GetWindowLongA
SetWindowLongA
CreateDialogParamA
SetActiveWindow
SetFocus
ExitWindowsEx
EnumWindows
SetWindowTextA
DestroyWindow
GetParent
BeginPaint
GetDlgItem
GetWindowRect
ScreenToClient
EndPaint
GetDlgItemTextA
GetFocus
InvalidateRect
WindowFromDC
DrawTextA
GetMenuItemID
GetMenuItemCount
IsWindowVisible
LoadImageA
EnableWindow
GetKeyState
DeleteMenu
SendMessageA
PostMessageA
MessageBoxA
wsprintfA
SetPropA
RemovePropA
GetPropA
CallWindowProcA
GetSystemMetrics
SetParent
SetWindowPos
FindWindowA
EndDialog
GetCursorPos
FrameRect

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteA

gdi32

SetBkColor
GetPixel
SelectObject
DeleteDC
DeleteObject
MoveToEx
CreateCompatibleDC
CreateBrushIndirect
GetNearestColor
LineTo
SetTextColor
SetBkMode
CreatePen
BitBlt
SetStretchBltMode
StretchBlt
CreateSolidBrush
CreateRectRgn
FillRgn
GetTextExtentPointA
GetTextMetricsA
CombineRgn
CreateHatchBrush
GetBkColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

comctl32

ord17

ws2_32

connect
send
WSAStartup
WSACleanup
recv
select
__WSAFDIsSet
WSAGetLastError
shutdown
closesocket
socket
htons
ioctlsocket
inet_addr
gethostbyname
gethostbyaddr

msvcrt

time
rand
srand

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/gen_tray.dll
.dll windows:4 windows x86 arch:x86

a23bec82e3df24ed2d9c4864f980b908

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
WritePrivateProfileStringA

user32

CallWindowProcA
SendMessageA
GetKeyState
DialogBoxParamA
LoadIconA
wsprintfA
SetWindowTextA
SetDlgItemTextA
CheckDlgButton
EndDialog
IsDlgButtonChecked
SetWindowLongA
SetForegroundWindow

shell32

Shell_NotifyIconA

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 669B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/in_cdda.dll
.dll windows:4 windows x86 arch:x86

514cc7695c0da3c4fec8243db1ea2f33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
WaitForSingleObject
ResetEvent
DeviceIoControl
CreateEventA
CloseHandle
CreateFileA
GetVersionExA
lstrcpyA
GetDriveTypeA
GetLogicalDriveStringsA
lstrlenA
GlobalMemoryStatus
GetTickCount
Sleep
SetThreadPriority
GetProcAddress
LoadLibraryA
FreeLibrary
GetLastError
CreateThread
GlobalFree
GlobalAlloc
lstrcpynA
WideCharToMultiByte
GetPrivateProfileStringA
MultiByteToWideChar
GetPrivateProfileIntA
GetModuleFileNameA
WritePrivateProfileStringA
SetFilePointer
ReadFile
SetEndOfFile
WriteFile
lstrcmpiA
GetCurrentThreadId
GetLogicalDrives
SetErrorMode
LocalFree
DisableThreadLibraryCalls

user32

SendMessageA
SetTimer
KillTimer
EndDialog
DialogBoxParamA
CheckDlgButton
IsDlgButtonChecked
MessageBoxA
SetDlgItemTextA
ShowWindow
GetDlgItem
SendMessageTimeoutA
wsprintfA
PostMessageA
EnableWindow
GetDlgItemTextA
CharPrevA
CreateDialogParamA
SendDlgItemMessageA
IsWindow

shell32

ShellExecuteA

ole32

CoInitialize
OleRun
CoCreateInstance
CoCreateGuid
CoUninitialize

oleaut32

SysFreeString
GetErrorInfo
SysAllocStringLen

winmm

waveInPrepareHeader
waveInStop
waveInClose
waveInReset
mmioAscend
mmioRead
mmioClose
mmioDescend
waveInStart
waveInAddBuffer
mciSendCommandA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerSetControlDetails
mixerClose
waveInOpen
mmioOpenA

msvcrt

_CxxThrowException
_strdup
_adjust_fdiv
_initterm
_onexit
__dllonexit
toupper
calloc
malloc
free
_except_handler3
_ftol
strncpy
strstr
_purecall
_stricmp
isdigit
??1type_info@@UAE@XZ
strncat
atoi
_strlwr
??2@YAPAXI@Z
??3@YAXPAX@Z

Exports

Exports

winampGetExtendedFileInfo
winampGetExtendedRead_close
winampGetExtendedRead_getData
winampGetExtendedRead_lasterror
winampGetExtendedRead_open
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/in_mp3.dll
.dll windows:4 windows x86 arch:x86

0819d62f8b810dc3906ad00ed8d4586d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
WritePrivateProfileStringA
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
CloseHandle
MulDiv
SetFilePointer
ReadFile
lstrcmpiA
WriteFile
CreateFileA
FindClose
FindFirstFileA
SetEndOfFile
GetFileAttributesA
GetPrivateProfileStringA
DeleteCriticalSection
CreateThread
WaitForSingleObject
QueryPerformanceFrequency
Sleep
SetThreadPriority
GetProcAddress
LoadLibraryA
GetVersion
WideCharToMultiByte
FindNextFileW
lstrcmpA
GetFileSize
MoveFileA
DeleteFileA
DisableThreadLibraryCalls
InitializeCriticalSection
GetPrivateProfileIntA

user32

wsprintfA
SendMessageA
GetDlgItem
SetDlgItemInt
SetWindowTextA
DialogBoxParamA
EndDialog
GetDlgItemInt
SendMessageTimeoutA
SetWindowLongA
GetWindowLongA
KillTimer
SetTimer
EnableWindow
GetDlgItemTextA
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextA
PostMessageA
SendDlgItemMessageA
CharPrevA
GetWindowTextA
MessageBoxA
GetAsyncKeyState

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

PropertySheetA

wsock32

WSAStartup
WSACleanup
gethostbyaddr
gethostbyname
ioctlsocket
inet_ntoa
htons
socket
closesocket
shutdown
connect
__WSAFDIsSet
select
recv
WSAGetLastError
send

msvcrt

strcpy
_strdup
_stricmp
_strnicmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_CIacos
calloc
printf
_CxxThrowException
wcsncpy
wcslen
time
_CIpow
_ftol
wcscpy
strchr
mbstowcs
strcmp
isdigit
memcmp
_except_handler3
memmove
malloc
memcpy
strstr
atoi
strncpy
strcat
??2@YAPAXI@Z
strncmp
__CxxFrameHandler
free
??3@YAXPAX@Z
_purecall
memset
strlen
_itoa

Exports

Exports

CreateAudioDecoder
aacGetBitBuffer
aacGetDecoderInterfaces
winampGetExtendedFileInfo
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/in_wave.dll
.dll windows:4 windows x86 arch:x86

d2b5b7cc51d0d7fc4907424a3f642a42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResumeThread
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
GetTempPathA
DeleteFileA
CloseHandle
ReadFile
GetFileSize
CreateFileA
SetFilePointer
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
DisableThreadLibraryCalls
SetThreadPriority
CreateThread
TerminateThread
WaitForSingleObject
MulDiv

user32

SetWindowTextA
GetDlgItemTextA
EndDialog
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
MessageBoxA
wsprintfA
SendMessageA
DialogBoxParamA
PostMessageA

msacm32

acmFormatTagDetailsA
acmFormatDetailsA
acmFormatSuggest
acmStreamOpen
acmStreamUnprepareHeader
acmStreamClose
acmStreamConvert
acmStreamPrepareHeader

msvcrt

_stricmp
strlen
atoi
_initterm
strncmp
_adjust_fdiv
_ftol
??2@YAPAXI@Z
__CxxFrameHandler
free
malloc
memcpy
strcpy
memcmp
strrchr
strncpy
memset
??3@YAXPAX@Z
realloc

Exports

Exports

winampGetInModule2

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/out_ds.dll
.dll windows:4 windows x86 arch:x86

2ec4dcdb8f95735b0d32d749f3ee83f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
GetTickCount
Sleep
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
SetThreadPriority
CreateThread
CreateEventA
InitializeCriticalSection
MulDiv
GetVersion
GetModuleFileNameA
DisableThreadLibraryCalls
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileStructA
WritePrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileIntA

user32

DialogBoxParamA
SetClipboardData
GetClientRect
DefWindowProcA
SetWindowTextA
OpenClipboard
CloseClipboard
CreateDialogParamA
SetWindowLongA
GetParent
GetDlgItemInt
GetDlgItem
EnableWindow
ShowWindow
SetDlgItemTextA
SendDlgItemMessageA
IsWindow
DestroyWindow
GetClassInfoA
RegisterClassA
CreateWindowExA
PostMessageA
SetTimer
KillTimer
SetWindowPos
EndDialog
SendMessageA
CheckDlgButton
SetDlgItemInt
MessageBoxA
wsprintfA
GetDlgItemTextA
GetWindowLongA

msvcrt

_stricmp
_adjust_fdiv
_initterm
_onexit
__dllonexit
_i64toa
sprintf
_strdup
realloc
strncpy
malloc
free
_CIpow
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler

Exports

Exports

winampGetOutModule

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/out_wave.dll
.dll windows:4 windows x86 arch:x86

894f6275a76aec036cb170727f301e94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
Sleep
LeaveCriticalSection
MulDiv
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
LocalAlloc
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
CloseHandle
WaitForSingleObject
SetEvent
SetThreadPriority
GetCurrentThread
CreateThread
CreateEventA

user32

MessageBoxA
SetTimer
SendMessageA
EndDialog
KillTimer
SendDlgItemMessageA
EnableWindow
GetDlgItem
SetDlgItemTextA
GetWindowLongA
wsprintfA
DialogBoxParamA

winmm

waveOutGetNumDevs
waveOutGetDevCapsA
waveOutWrite
waveOutPrepareHeader
waveOutRestart
waveOutPause
waveOutUnprepareHeader
timeGetTime
waveOutReset
waveOutGetVolume
waveOutGetErrorTextA
waveOutOpen
waveOutSetVolume
waveOutClose

Exports

Exports

winampGetOutModule

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/vis_nsfs.dll
.dll windows:4 windows x86 arch:x86

8f046ee74fef9293f86330573e9104da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
WritePrivateProfileStructA
GetPrivateProfileStructA
Sleep
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GetTickCount
GlobalFree

user32

DestroyWindow
UnregisterClassA
ShowCursor
CreateWindowExA
SetDlgItemInt
SendMessageA
MessageBoxA
BeginPaint
PostMessageA
DefWindowProcA
SetCursor
GetWindowTextA
PostQuitMessage
EndPaint
GetDlgItem
InvalidateRect
IsDlgButtonChecked
CheckDlgButton
SetWindowTextA
SetDlgItemTextA
GetClientRect
SendDlgItemMessageA
GetDlgItemInt
EndDialog
wsprintfA
DialogBoxParamA
SetForegroundWindow
IsIconic
ShowWindow
SetTimer
RegisterClassA
DrawTextA

gdi32

CreateSolidBrush
SelectObject
SetTextColor
SetBkMode
DeleteObject
Rectangle
GetStockObject
SetBkColor

comdlg32

ChooseColorA

ddraw

DirectDrawCreate

Exports

Exports

winampVisGetHeader

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UninstWA.exe.nsis
demo.mp3
whatsnew.txt
winamp.exe
.exe windows:4 windows x86 arch:x86

d454e19ec35bcb606eddfa5f87b12649

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
GetCurrentProcess
GetShortPathNameA
CreateEventA
lstrcmpA
GetSystemTimeAsFileTime
GlobalUnlock
GlobalLock
GetModuleHandleA
GetLogicalDrives
GlobalReAlloc
MultiByteToWideChar
RemoveDirectoryA
CreateDirectoryA
SystemTimeToFileTime
GetSystemTime
GetDriveTypeA
ExitProcess
CreateSemaphoreA
GetLastError
GetStartupInfoA
ReleaseSemaphore
CopyFileA
GetFullPathNameA
MoveFileA
ReadFile
SetEndOfFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetThreadPriority
FindFirstFileA
FindNextFileA
FindClose
WritePrivateProfileStructA
GetPrivateProfileStructA
lstrcatA
lstrcpyA
CreateFileA
SetFilePointer
WriteFile
GetFileSize
lstrcmpiA
GetTempFileNameA
lstrcpynA
SetCurrentDirectoryA
GlobalFree
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
LoadLibraryA
GetProcAddress
GetLocalTime
DeleteFileA
GetTempPathA
GetPrivateProfileIntA
FreeLibrary
CreateProcessA
Sleep
CreateThread
WaitForSingleObject
CloseHandle
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
MulDiv
GetTickCount
GlobalAlloc
LoadLibraryExA

user32

DeferWindowPos
EndDeferWindowPos
SetWindowRgn
DeleteMenu
GetMenuStringA
IsIconic
SetDlgItemInt
GetDlgItemInt
SetCursorPos
DrawIconEx
SetFocus
BeginDeferWindowPos
RegisterClipboardFormatA
DialogBoxParamA
GetMenuItemRect
SystemParametersInfoA
GetMenuItemCount
ModifyMenuA
CreatePopupMenu
GetFocus
DestroyMenu
SendMessageTimeoutA
GetMessagePos
DestroyCursor
DestroyIcon
TranslateAcceleratorA
CharPrevA
SetRect
EnumDisplaySettingsA
GetWindowRgn
GetKeyState
WindowFromPoint
PostQuitMessage
UpdateWindow
GetAsyncKeyState
wsprintfA
LoadImageA
ShowWindow
SetForegroundWindow
DrawTextA
GetDlgItemTextA
SendMessageA
InvalidateRect
SetWindowPos
ScreenToClient
GetWindowRect
GetDlgItem
CreateDialogParamA
LoadMenuA
GetSystemMenu
InsertMenuA
GetMenuItemInfoA
SetMenuItemInfoA
EnableMenuItem
InsertMenuItemA
LoadIconA
SetClassLongA
RegisterWindowMessageA
LoadStringA
LoadAcceleratorsA
RemoveMenu
GetClassLongA
CharNextA
CallWindowProcA
PeekMessageA
GetSystemMetrics
EnableWindow
GetSubMenu
CheckMenuItem
SetCapture
ReleaseCapture
TrackPopupMenu
FindWindowExA
IsChild
GetCursorPos
LoadCursorA
SetCursor
ClientToScreen
FillRect
GetUpdateRect
BeginPaint
EndPaint
GetForegroundWindow
CreateWindowExA
DefWindowProcA
FindWindowA
CheckDlgButton
IsWindowVisible
SendDlgItemMessageA
SetTimer
IsDlgButtonChecked
MessageBoxA
KillTimer
GetClassInfoA
RegisterClassA
IsWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostMessageA
SetWindowLongA
SetParent
GetWindowLongA
EndDialog
GetParent
SetDlgItemTextA
GetClientRect
GetDC
GetWindowTextA
SetWindowTextA
GetWindowDC
ReleaseDC
DestroyWindow
wvsprintfA

gdi32

GetTextColor
GetBkColor
RoundRect
GetObjectA
SetPixel
CreateSolidBrush
CreatePen
CreatePolyPolygonRgn
CreateRectRgn
EnumFontsA
CreateFontIndirectA
GetTextExtentPoint32A
GetStockObject
SetBkColor
IntersectClipRect
Rectangle
ExtSelectClipRgn
StretchBlt
CreateCompatibleBitmap
CreateFontA
GetTextMetricsA
DeleteObject
DeleteDC
GetDIBColorTable
GetDIBits
SelectObject
CreateCompatibleDC
SetBkMode
SetTextColor
LineTo
MoveToEx
UpdateColors
RealizePalette
SelectPalette
BitBlt
CreateDIBSection
CreatePalette
GetDeviceCaps
CreateBrushIndirect
GetNearestColor
GetPixel

advapi32

RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
RegOpenKeyA

shell32

Shell_NotifyIconA
SHGetMalloc
DragQueryPoint
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
SHAppBarMessage
ShellExecuteA

comctl32

ord17

ole32

CoCreateGuid
CoRevokeClassObject
RevokeDragDrop
OleInitialize
RegisterDragDrop
CoRegisterClassObject
CoInitialize
CoCreateInstance
OleUninitialize

comdlg32

GetSaveFileNameA
GetOpenFileNameA

msacm32

acmFormatSuggest
acmStreamOpen
acmStreamConvert
acmStreamClose
acmStreamUnprepareHeader
acmFormatDetailsA
acmFormatTagDetailsA
acmFormatChooseA
acmStreamPrepareHeader

msvcrt

_mbsstr
memcpy
strcpy
rand
_ftol
fclose
fread
fopen
strcat
memset
pow
sin
sqrt
_CIpow
free
fprintf
malloc
strlen
atoi
sprintf
toupper
strftime
localtime
time
strcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
fgets
memcmp
fputc
strncpy
strncmp
realloc
_snprintf
ftell
_access
fseek
srand
_pctype
_isctype
__mb_cur_max
ceil
qsort
fwrite
strchr
strtol
tolower
isalnum
strstr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_strnicmp
_strdup
_chmod
_except_handler3

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 581KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
winamp.lks
winamp.m3u
winampa.exe
.exe windows:4 windows x86 arch:x86

efb91844dadf329591b1a2e18f510f8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
CloseHandle
SetFilePointer
ReadFile
LoadLibraryExA
FreeLibrary
GetPrivateProfileStringA
lstrcatA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
lstrcmpA
lstrcmpiA
lstrlenA
CreateFileA
GetTickCount
lstrcpyA

user32

CreatePopupMenu
SendMessageA
SetForegroundWindow
GetCursorPos
GetWindowTextA
FindWindowA
DispatchMessageA
GetMessageA
MessageBoxA
CreateWindowExA
InsertMenuItemA
RegisterWindowMessageA
LoadImageA
DestroyIcon
DefWindowProcA
DestroyWindow
PostQuitMessage
SetTimer
wsprintfA
RegisterClassA
DestroyMenu
TrackPopupMenu

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegCreateKeyA
RegDeleteValueA
RegSetValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
winampmb.htm
.html

Sharing

General

Malware Config

Signatures

Files

1cf4252ebbb4f173d97a6ef4f79a60b5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0aCertificate

Extended Key Usages

Key Usages

0e:47:e8:e4:1e:c5:d0:5d:3b:67:1b:af:2e:a3:af:e8Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 108KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 8KB

1f4c4faa2a5228733f7ee5edf40f6693

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 894B

18aa7da9cd6c9d646d1e5f5786dfae78

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

0753a0d3b233ea466d9008fa48fe7235

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

comdlg32

advapi32

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

0e:47:e8:e4:1e:c5:d0:5d:3b:67:1b:af:2e:a3:af:e8
Certificate

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 108KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 894B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 63KB - Virtual size: 72KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 669B

.data
Size: 512B - Virtual size: 248B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 228B

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 122KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 269KB - Virtual size: 268KB

.rdata
Size: 175KB - Virtual size: 174KB

.data
Size: 27KB - Virtual size: 283KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 15KB - Virtual size: 14KB