7b8f1b7c5ce3270929f4b02a413ff164de3e315781aa43b5cc2de333833c9242

Sharing

Copy URL Twitter E-mail

General

Target

7b8f1b7c5ce3270929f4b02a413ff164de3e315781aa43b5cc2de333833c9242
Size

401KB
MD5

d8f78598ff6a78e25c7451bf537cac99
SHA1

0b924af216eb2d52fb06c338499f02c4762517f8
SHA256

7b8f1b7c5ce3270929f4b02a413ff164de3e315781aa43b5cc2de333833c9242
SHA512

0981df6dfe643ccdaf40fa2dbc3c34184c829eaf74b5803a1f3896c1f083738790cc2a607c794707ef37a8acbb75a3429c28c79fb9015cf1be764b7453c7639f
SSDEEP

6144:n3XT7PTZ/1cTY62d3vOmREamdhI1/Jd+bzPjzT3PsDlP8QGwmVO:n3bZyTY62d31Cl93zTSd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b8f1b7c5ce3270929f4b02a413ff164de3e315781aa43b5cc2de333833c9242

Files

7b8f1b7c5ce3270929f4b02a413ff164de3e315781aa43b5cc2de333833c9242
.dll windows:6 windows x86 arch:x86

da41982e662a014653521de0fa3b8734

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\VS\sacddecoder\foo_dsd_converter\Release\foo_dsd_converter.pdb

Imports

shared

_GetInfiniteWaitEvent@0
??1uCallStackTracker@@QAE@XZ
_uPrintfV@12
??0uCallStackTracker@@QAE@PBD@Z
_uFormatSystemErrorMessage@8
_uBugCheck@0
_uPrintCrashInfo_OnEvent@8

msvcp140_atomic_wait

__std_atomic_wait_direct
__std_atomic_notify_one_direct

msvcp140

?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_join
_Thrd_id
_Thrd_hardware_concurrency
?fail@ios_base@std@@QBE_NXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
_Cnd_do_broadcast_at_thread_exit
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

kernel32

VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
DeleteFileW
RaiseException
GetTickCount
OutputDebugStringW
CloseHandle
GlobalLock
GlobalUnlock
CreateEventW
GetProcAddress
GetModuleHandleW
IsDebuggerPresent
GetCurrentProcess
GetSystemTimeAsFileTime
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
MulDiv
LoadLibraryExW
GetVersionExW
WakeAllConditionVariable
VerifyVersionInfoW
VerSetConditionMask
GlobalFree
GlobalAlloc
GlobalSize
LocalFree
FormatMessageA
LoadLibraryExA
GetThreadLocale
lstrlenW

user32

DrawIconEx
DrawIcon
FrameRect
FillRect
GetMenuStringW
GetIconInfo
GetDC
SetLayeredWindowAttributes
PostMessageW
ScreenToClient
GetCursorPos
SetFocus
KillTimer
ShowWindow
SetCapture
SetCursor
LoadCursorW
SetTimer
DestroyWindow
RegisterClassExW
IntersectRect
CreateWindowExW
GetScrollInfo
GetGestureInfo
CloseGestureInfoHandle
DrawFocusRect
SetRectEmpty
SetScrollInfo
UpdateWindow
SetScrollPos
ScrollWindowEx
InvalidateRgn
GetNextDlgTabItem
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetMessagePos
TrackMouseEvent
IsRectEmpty
GetFocus
MessageBeep
NotifyWinEvent
AdjustWindowRect
GetClipboardData
SystemParametersInfoW
ReleaseDC
GetWindowDC
DrawTextW
RegisterWindowMessageW
IsWindowEnabled
InvalidateRect
RedrawWindow
EndPaint
BeginPaint
ClientToScreen
PtInRect
CallWindowProcW
DrawFrameControl
GetDlgCtrlID
DefWindowProcW
OffsetRect
CopyRect
GetMenuBarInfo
SetGestureConfig
InflateRect
CharLowerW
WindowFromPoint
CloseClipboard
OpenClipboard
GetKeyState
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
GetClassNameW
GetSysColor
GetWindowLongW
GetWindow
GetWindowRect
SetWindowPos
MonitorFromWindow
EndDialog
GetActiveWindow
GetMonitorInfoW
MapWindowPoints
SendDlgItemMessageW
GetClientRect
GetDlgItem
GetParent
EnableWindow
FindWindowW
SetWindowLongW
DialogBoxParamW
UnregisterClassW
SendMessageW
GetClassInfoExW

ole32

CreateStreamOnHGlobal
CoCreateInstance
RegisterDragDrop
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
CoTaskMemFree

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ord74

oleaut32

VariantInit
VariantClear
SysAllocString

comctl32

ord413
ImageList_DrawEx
ImageList_GetIconSize
ord410

uxtheme

IsThemePartDefined
CloseThemeData
GetThemePartSize
OpenThemeData
DrawThemeTextEx
DrawThemeBackground
SetWindowTheme

gdi32

CombineRgn
OffsetRgn
GetBkColor
GetTextColor
SetBkMode
MoveToEx
LineTo
SetDCPenColor
SetDCBrushColor
ExtTextOutW
SetBkColor
CreatePen
GetDeviceCaps
LPtoDP
SetTextColor
SelectObject
DeleteObject
DeleteDC
GetStockObject
IntersectClipRect
CreateCompatibleBitmap
SetViewportOrgEx
BitBlt
GetTextExtentPoint32W
CreatePolygonRgn
FrameRgn
CreateRectRgnIndirect
CreateFontIndirectW
GetObjectW
CreateCompatibleDC
RestoreDC
GetTextMetricsW
FillRgn
CreateRectRgn
GetCurrentObject
SaveDC
SetWindowOrgEx
OffsetWindowOrgEx

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipCreateFromHDC
GdipDeleteGraphics
GdipCreatePen1
GdipSetSmoothingMode
GdiplusStartup
GdipDrawLineI
GdipDeletePen
GdiplusShutdown

vcruntime140

__std_terminate
__CxxFrameHandler3
strstr
__std_exception_destroy
__std_exception_copy
strchr
memcpy
memcmp
memmove
_CxxThrowException
memset
__current_exception
__current_exception_context
_except_handler4_common
__std_type_info_destroy_list
_purecall

api-ms-win-crt-heap-l1-1-0

_callnewh
_expand
free
_aligned_malloc
_aligned_realloc
_aligned_free
_recalloc
malloc
realloc

api-ms-win-crt-stdio-l1-1-0

fputc
fwrite
fgetpos
setvbuf
ungetc
fsetpos
fread
_fseeki64
__stdio_common_vfprintf
_get_stream_buffer_pointers
__acrt_iob_func
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__stdio_common_vswprintf_s
fclose
fflush
fgetc

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
exit
terminate
_errno
_beginthreadex
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-convert-l1-1-0

_atoi64

api-ms-win-crt-math-l1-1-0

__libm_sse2_pow
lround
floor

api-ms-win-crt-string-l1-1-0

strlen
strncpy
strcmp
_wcsicmp
_wcsnicmp
wcsnlen

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da41982e662a014653521de0fa3b8734

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shared

msvcp140_atomic_wait

msvcp140

kernel32

user32

ole32

shell32

oleaut32

comctl32

uxtheme

gdi32

msimg32

dwmapi

oleacc

gdiplus

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 295KB - Virtual size: 295KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 13KB - Virtual size: 19KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 18KB - Virtual size: 18KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 295KB - Virtual size: 295KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 13KB - Virtual size: 19KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 18KB - Virtual size: 18KB

.movehcs
Size: 512B - Virtual size: 4KB