5a11be2069cb1dbc16de22de13a71bcbeac6817002d9a558b8c8663462c2f72c

Sharing

Copy URL Twitter E-mail

General

Target

5a11be2069cb1dbc16de22de13a71bcbeac6817002d9a558b8c8663462c2f72c
Size

4.6MB
MD5

290b0af7a97da4c2e2546cf6ffac374e
SHA1

d5aa40df6783c9a6a1372b18ecb2fb052fe44d8d
SHA256

5a11be2069cb1dbc16de22de13a71bcbeac6817002d9a558b8c8663462c2f72c
SHA512

f8ad4097a55865c9c9ab3db9218d48c6512e7840a18aadfbf48d806bc63c459b00b5cae8703eb15a40eea6a9560f2e33d780f50581c4dd687dcdd6a59af31a2a
SSDEEP

49152:2hY9PyoqXVrkGA1Mta/kDOj6fAf8TiUh+wKxFaB2GxJCdyWo6hCuVqpyOqduv/Zo:2hlokVwOta/kDOF8Ti++hYLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a11be2069cb1dbc16de22de13a71bcbeac6817002d9a558b8c8663462c2f72c

Files

5a11be2069cb1dbc16de22de13a71bcbeac6817002d9a558b8c8663462c2f72c
.dll windows:6 windows x86 arch:x86

548392e425f5d0b2a4b20a2ec9574717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\VS\sacddecoder\foo_input_sacd\Release\foo_input_sacd.pdb

Imports

shared

_uReplaceStringAdd@32
?scale@audio_math@@YGXPBMIPAMM@Z
??0uCallStackTracker@@QAE@PBD@Z
??1uCallStackTracker@@QAE@XZ
_stricmp_utf8_ex@16
_GetInfiniteWaitEvent@0
_uBugCheck@0
_uPrintfV@12
_uExceptFilterProc@4
_uFormatSystemErrorMessage@8
_stricmp_utf8@8
_uPrintCrashInfo_OnEvent@8

kernel32

WideCharToMultiByte
IsDebuggerPresent
GetSystemTimeAsFileTime
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
MulDiv
VerifyVersionInfoW
VerSetConditionMask
LoadLibraryExW
GetVersionExW
lstrlenW
HeapFree
GlobalAlloc
GlobalSize
SetEvent
InitializeCriticalSectionEx
CreateEventW
GlobalUnlock
QueryPerformanceCounter
GetCurrentProcessId
GlobalLock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
TerminateProcess
VirtualProtect
InitializeSListHead
EncodePointer
OutputDebugStringW
GetTickCount
GetModuleHandleW
K32GetModuleInformation
GetCurrentProcess
GetProcAddress
GetModuleHandleA
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetFileTime
SetFilePointerEx
CloseHandle
GetFileSizeEx
GetDriveTypeW
MultiByteToWideChar
CreateFileW
SetFilePointer
ReadFile
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
DisableThreadLibraryCalls
LocalFree
FormatMessageA
LoadLibraryA
GetThreadLocale
GetLastError
ResetEvent
GetTickCount64
InterlockedPushEntrySList
HeapSize
GetFileSize
GlobalFree
InterlockedPopEntrySList

user32

AdjustWindowRect
NotifyWinEvent
MessageBeep
GetFocus
IsRectEmpty
TrackMouseEvent
GetMessagePos
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetNextDlgTabItem
InvalidateRgn
ScrollWindowEx
SetScrollPos
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
GetScrollInfo
CreateWindowExW
GetClassInfoExW
RegisterClassExW
SetTimer
SetCursor
SetCapture
ShowWindow
KillTimer
SetFocus
GetCursorPos
ClientToScreen
ScreenToClient
PostMessageW
SetLayeredWindowAttributes
MapWindowPoints
GetDC
GetIconInfo
FillRect
FrameRect
DrawIcon
DrawIconEx
DrawFocusRect
DrawTextW
RegisterWindowMessageW
GetWindow
PtInRect
CallWindowProcW
DrawFrameControl
GetDlgCtrlID
OffsetRect
CopyRect
GetWindowRect
GetMenuBarInfo
InflateRect
IntersectRect
SystemParametersInfoW
ReleaseDC
GetWindowDC
SetWindowPos
IsWindowEnabled
RedrawWindow
EndPaint
BeginPaint
GetClientRect
WindowFromPoint
CloseClipboard
OpenClipboard
GetKeyState
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
GetClassNameW
GetParent
GetMenuStringW
GetClipboardData
CharLowerW
GetSysColor
GetWindowLongW
CreateDialogParamW
DefWindowProcW
DestroyWindow
SendMessageW
SetDlgItemTextW
RegisterClassW
GetDlgItemTextW
SendDlgItemMessageW
LoadCursorW
SetWindowLongW
GetDlgItem
InvalidateRect
EnableWindow
UnregisterClassW
DrawEdge

gdi32

GetCurrentObject
CreateRectRgn
FillRgn
FrameRgn
CreatePolygonRgn
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32W
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
IntersectClipRect
SetWindowOrgEx
OffsetWindowOrgEx
OffsetRgn
SaveDC
LPtoDP
GetTextMetricsW
CreateCompatibleDC
GetBkColor
GetTextColor
SetBkMode
MoveToEx
LineTo
ExtTextOutW
SetDCPenColor
SetDCBrushColor
SetBkColor
CreatePen
GetDeviceCaps
SetTextColor
RestoreDC
SelectObject
GetStockObject
DeleteDC
GetObjectW
DeleteObject
CreateFontIndirectW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

ord74

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleRun
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CreateStreamOnHGlobal

oleaut32

SysAllocString
VariantCopy
SysStringByteLen
VariantClear
VariantInit
GetErrorInfo
VariantChangeType
SysFreeString

msvcp140

?_Xbad_function_call@std@@YAXXZ
_Cnd_destroy_in_situ
_Thrd_join
_Thrd_id
?_Xlength_error@std@@YAXPBD@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
_Mtx_unlock
_Cnd_signal
_Thrd_hardware_concurrency
_Cnd_init_in_situ
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Cnd_wait

comctl32

ord413
ord410
ImageList_DrawEx
ImageList_GetIconSize

uxtheme

IsThemePartDefined
CloseThemeData
GetThemePartSize
OpenThemeData
DrawThemeTextEx
DrawThemeBackground
SetWindowTheme

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdiplusStartup
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdiplusShutdown

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
memcmp
__current_exception
memset
_CxxThrowException
memmove
memcpy
strstr
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
malloc
free
_aligned_free
_callnewh
calloc
_expand
_recalloc
realloc
_aligned_realloc

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_invalid_parameter_noinfo
_initialize_narrow_environment
_beginthreadex
_errno
terminate
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
exit
_controlfp_s
_initterm
_crt_atexit
_initterm_e
_invalid_parameter_noinfo_noreturn
_cexit
_seh_filter_dll

api-ms-win-crt-convert-l1-1-0

atoi
_atoi64

api-ms-win-crt-string-l1-1-0

isalnum
isdigit
strncpy
_stricmp
strncmp
strlen
wcsncpy_s
_wcsicmp
_wcsnicmp
wcsnlen
wcscpy_s
strcat_s
strcmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vswprintf_s
_wfopen_s
fclose
__stdio_common_vswscanf
__stdio_common_vfprintf
feof
fgetws
__stdio_common_vfwprintf
ungetc
fwrite
_ftelli64
__stdio_common_vsprintf
_fseeki64
fread
fopen
_chsize_s
_get_osfhandle
_setmode
__acrt_iob_func
_wfopen
_fileno

api-ms-win-crt-math-l1-1-0

floor
llround
lround
__libm_sse2_pow
_libm_sse2_pow_precise
log2

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

asmcode
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

548392e425f5d0b2a4b20a2ec9574717

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shared

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

msvcp140

comctl32

uxtheme

msimg32

dwmapi

oleacc

gdiplus

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

asmcode Size: 2KB - Virtual size: 2KB

IPPCODE Size: 594KB - Virtual size: 593KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 24KB - Virtual size: 30KB

_RDATA Size: 1024B - Virtual size: 848B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 81KB - Virtual size: 81KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 2.7MB - Virtual size: 2.7MB

asmcode
Size: 2KB - Virtual size: 2KB

IPPCODE
Size: 594KB - Virtual size: 593KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 24KB - Virtual size: 30KB

_RDATA
Size: 1024B - Virtual size: 848B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 81KB - Virtual size: 81KB

.movehcs
Size: 512B - Virtual size: 4KB