Encore_v0[.]1[.]0_x64[.]zip

Resubmissions

28-03-2024 12:04

240328-n8tngaca3z 3

28-03-2024 11:55

240328-n3lqnshf45 3

Sharing

Copy URL

Twitter E-mail

General

Target

Encore_v0.1.0_x64.zip
Size

20.8MB
MD5

0de5f8bbcf67d5eede29a4dd8df481eb
SHA1

9bc5efafe292f8d6f58c2c9302a1d216f1464884
SHA256

15a83d5b04bc242edda951b0b9f0de2cad318fd2a7da5dd5e762ef0d9343cc13
SHA512

cfb81d8efa8f7043edd4e1dbd06eb4b135ac75dd0d51257d3370430ff502f3dd4f9ee961aca97d0a018f7e079db489c53c16f06366353ab1d311667d59775ea9
SSDEEP

393216:Wsx7jFyO5pgzvV4ByImBfwaoiZ1k33a4XSBO26KaAoBH8jf2WEQBJ+:nJFh5pgGaRtea4uN6niCqk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Encore.exe

Files

Encore_v0.1.0_x64.zip
.zip
Assets/fonts/RedHatDisplay-Black.ttf
Assets/fonts/RedHatDisplay-BlackItalic.ttf
Assets/highway/SmasherInner.png
.png
Assets/highway/SmasherInnerActive.png
.png
Assets/highway/SmasherOuter.png
.png
Assets/highway/board.obj
Assets/highway/emh.obj
Assets/highway/expert.obj
Assets/highway/highway sides.png
.png
Assets/highway/highway.png
.png
Assets/highway/highway_od.png
.png
Assets/highway/overdrive highway.png
.png
Assets/highway/smasher.obj
Assets/highway/smasherBoard.png
.png
Assets/highway/smasher_press.png
.png
Assets/highway/smasher_reg.png
.png
Assets/notes/lift.obj
Assets/notes/note.obj
Assets/notes/note_d.png
.png
Assets/notes/note_e.png
.png
Assets/notes/note_od_d.png
.png
Assets/notes/note_od_e.png
.png
Assets/oldmult/multiplierempty.png
.png
Assets/oldmult/overdrivebar.png
.png
Assets/oldmult/overdrivefill.png
.png
Assets/shockwave.obj
Assets/shockwave.png
.png
Assets/ui/mult_base-old.png
.png
Assets/ui/mult_base.png
.png
Assets/ui/mult_fill-old.png
.png
Assets/ui/mult_fill.png
.png
Assets/ui/mult_fill_od-old.png
.png
Assets/ui/mult_fill_od.png
.png
Assets/ui/mult_number.png
.png
Assets/ui/mult_number_plane.obj
Assets/ui/multbar_3.obj
Assets/ui/multbar_5.obj
Assets/ui/multcircle_fill.obj
Assets/ui/multcircle_frame.obj
Assets/ui/multnumber.fs
Assets/ui/od_fill.obj
Assets/ui/od_frame.obj
Assets/ui/odmult.fs
Encore.exe
.exe windows:6 windows x64 arch:x64

48a1b367c7401b20a9aa3b5e1f71e6f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winmm

timeEndPeriod
timeBeginPeriod

kernel32

SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventA
CreateSemaphoreW
CreateThread
SetThreadPriority
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetModuleHandleW
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
SetThreadExecutionState
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VerSetConditionMask
GetModuleHandleExW
FormatMessageW
QueryPerformanceFrequency
GetCurrentProcessId
IsDebuggerPresent
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetFileInformationByHandleEx
AreFileApisANSI
SetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetLocaleInfoEx
FormatMessageA
LocalFree
GetLastError
CloseHandle
ReadFile
GetFileInformationByHandle
CreateFileW
CreateFileA
Sleep
GetModuleFileNameA
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead

user32

GetRawInputDeviceList
GetRawInputDeviceInfoA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterClassW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
SetPropW
LoadImageW
DestroyIcon
LoadCursorW
GetClassLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
RemovePropW
CreateIconIndirect
ReleaseDC
GetDC
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
MapVirtualKeyW
GetPropW
GetKeyState
GetActiveWindow
SetFocus
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
BringWindowToTop
IsIconic
TrackMouseEvent
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageTime
SendMessageW
PostMessageW
WaitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
DestroyWindow
ShowWindow
GetLayeredWindowAttributes
SetLayeredWindowAttributes
FlashWindow
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible

gdi32

CreateBitmap
CreateRectRgn
DeleteObject
CreateDIBSection
CreateDCW
DeleteDC
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers

shell32

DragFinish
DragQueryPoint
DragQueryFileW
DragAcceptFiles

msvcp140

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setf@ios_base@std@@QEAAHHH@Z
?eof@ios_base@std@@QEBA_NXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?uncaught_exceptions@std@@YAHXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

vcruntime140

memset
__std_terminate
__C_specific_handler
__current_exception_context
__current_exception
strstr
strrchr
strchr
memmove
memcpy
memcmp
memchr
__std_exception_copy
_CxxThrowException
__std_exception_destroy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_invalid_parameter_noinfo_noreturn
_set_app_type
terminate
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
abort
_controlfp_s
_errno
strerror
exit
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

floor
tan
powf
cosf
fmin
pow
sqrt
cos
atan2f
acosf
sqrtf
round
sin
ldexp
roundf
sinf
ceilf
exp
log
__setusermatherr

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc
_callnewh
realloc

api-ms-win-crt-convert-l1-1-0

strtoul
atoll
atoi
strtod
atof
strtol

api-ms-win-crt-stdio-l1-1-0

_get_stream_buffer_pointers
fclose
feof
rewind
__acrt_iob_func
fflush
fgetc
fgetpos
__p__commode
_ftelli64
ferror
fopen_s
_set_fmode
fgets
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__stdio_common_vfprintf
_getcwd
ungetc
setvbuf
fwrite
ftell
_fseeki64
fseek
fsetpos
fread
fputc
fopen

api-ms-win-crt-filesystem-l1-1-0

_chdir
_unlock_file
_access
_lock_file

api-ms-win-crt-string-l1-1-0

isxdigit
strncmp
strncpy
strpbrk
isdigit
isspace
strspn
strcspn
strcmp

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

Sections

.text
Size: 964KB - Virtual size: 963KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Songs/Synthfox Soundworks - Untitled Chords Thing/backing.ogg
Songs/Synthfox Soundworks - Untitled Chords Thing/bass.ogg
Songs/Synthfox Soundworks - Untitled Chords Thing/cover.png
.png
Songs/Synthfox Soundworks - Untitled Chords Thing/drums.ogg
Songs/Synthfox Soundworks - Untitled Chords Thing/info.json
Songs/Synthfox Soundworks - Untitled Chords Thing/lead.ogg
Songs/Synthfox Soundworks - Untitled Chords Thing/notes.mid
Songs/Synthfox Soundworks - Untitled Chords Thing/vocals.ogg

Resubmissions

Sharing

General

Malware Config

Signatures

Files

48a1b367c7401b20a9aa3b5e1f71e6f2

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

shell32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 964KB - Virtual size: 963KB

.rdata Size: 383KB - Virtual size: 383KB

.data Size: 34KB - Virtual size: 103KB

.pdata Size: 36KB - Virtual size: 35KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 964KB - Virtual size: 963KB

.rdata
Size: 383KB - Virtual size: 383KB

.data
Size: 34KB - Virtual size: 103KB

.pdata
Size: 36KB - Virtual size: 35KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB