sox[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sox.exe
Size

208KB
MD5

44c56d99b5140f313fcf7891075f0277
SHA1

20ba82f29e27f5cfc17b273a45837563b28e448b
SHA256

e0e3cdc4bcdfbb5b91ac8f53b024964d092f89ba90130ba74b223a1df11b5439
SHA512

71368474c35aab5ee5737a7afb9e36f577b77fb072954a0d2c4f1934df7900baf941e80b7ce9dcd827d6f9a621ac1402da1cba6c7d3be62ef04856fb10eab9be
SSDEEP

3072:nFQ7N/P447Z6Q5SeIuHYUEAxGDFkaX0Fxq/nWCV/TbiEfaB:M4+6Q8eI7U0DFkaFWK7eh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sox.exe

Files

sox.exe
.exe windows:4 windows x86 arch:x86

23768076341a93bd8fe042ac4579fa93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libsox-3

lsx_debug_impl
lsx_fail_impl
lsx_filelength
lsx_find_enum_text
lsx_find_enum_value
lsx_find_file_extension
lsx_getopt
lsx_getopt_init
lsx_realloc
lsx_report_impl
lsx_sigfigs3
lsx_sigfigs3p
lsx_strcasecmp
lsx_warn_impl
sox_add_effect
sox_append_comment
sox_basename
sox_close
sox_copy_comments
sox_create_effect
sox_create_effects_chain
sox_delete_comments
sox_delete_effect_last
sox_delete_effects
sox_delete_effects_chain
sox_effect_options
sox_effects_clips
sox_find_comment
sox_find_effect
sox_find_format
sox_flow_effects
sox_format_init
sox_format_supports_encoding
sox_get_effect_fns
sox_get_effects_globals
sox_get_encodings_info
sox_get_format_fns
sox_get_globals
sox_init
sox_init_encodinginfo
sox_is_playlist
sox_num_comments
sox_open_read
sox_open_write
sox_parse_playlist
sox_pop_effect_last
sox_precision
sox_push_effect_last
sox_quit
sox_read
sox_seek
sox_strerror
sox_trim_clear_start
sox_trim_get_start
sox_version_info
sox_write
sox_write_handler

kernel32

DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_getch
_initterm
_iob
_lock
_onexit
_snprintf
_stati64
_stricmp
_strnicmp
calloc
exit
fclose
ferror
fgets
fopen
fprintf
fputc
free
fwrite
getc
getenv
isspace
log10
malloc
memcmp
memcpy
memset
printf
putc
putchar
puts
qsort
scanf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
_unlock
abort
atof
vfprintf
_unlink
_kbhit
_isatty
_fileno

libssp-0

__stack_chk_fail
__stack_chk_guard

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23768076341a93bd8fe042ac4579fa93

Headers

File Characteristics

Imports

libsox-3

kernel32

msvcrt

libssp-0

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 512B - Virtual size: 204B

.rdata Size: 15KB - Virtual size: 15KB

.bss Size: - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

/4 Size: 512B - Virtual size: 232B

/19 Size: 55KB - Virtual size: 54KB

/31 Size: 4KB - Virtual size: 3KB

/45 Size: 7KB - Virtual size: 7KB

/57 Size: 3KB - Virtual size: 3KB

/70 Size: 1KB - Virtual size: 1KB

/81 Size: 21KB - Virtual size: 21KB

/92 Size: 2KB - Virtual size: 2KB

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 512B - Virtual size: 204B

.rdata
Size: 15KB - Virtual size: 15KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

/4
Size: 512B - Virtual size: 232B

/19
Size: 55KB - Virtual size: 54KB

/31
Size: 4KB - Virtual size: 3KB

/45
Size: 7KB - Virtual size: 7KB

/57
Size: 3KB - Virtual size: 3KB

/70
Size: 1KB - Virtual size: 1KB

/81
Size: 21KB - Virtual size: 21KB

/92
Size: 2KB - Virtual size: 2KB