PDB path: G:\Programming\foobar2000\SDK-2023-05-10 (hybrid mode)\foo_input_v2m\x64\Release\foo_input_v2m.pdb
Static task
static1
Behavioral task
behavioral1
Sample
429d1cd9db0e875e5183d97d355bf525d42debe07503cc9c682598454883a129.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
429d1cd9db0e875e5183d97d355bf525d42debe07503cc9c682598454883a129.dll
Resource
win10v2004-20240419-en
General
-
Target
429d1cd9db0e875e5183d97d355bf525d42debe07503cc9c682598454883a129
-
Size
310KB
-
MD5
a1ecbc1c73a5f13c39b581b9f9fe785e
-
SHA1
6ba9d3a9011d04c57ae32d10f369850e7f881523
-
SHA256
429d1cd9db0e875e5183d97d355bf525d42debe07503cc9c682598454883a129
-
SHA512
4f1d1a70d42c35746531efa8bb84bffbf8833a7c2ffac6443a8c8b73ca6f14e2b91c4f549f93c0d7330e9955b04d41f592b293124cbba306fb18cc5e63536d96
-
SSDEEP
6144:qAX04Ty2p7eQCGjXGZkGxaxG0F4k8l65k4:D5TyQScG70F9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
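Checks for missing Authenticode signature. The sample is unsigned, so its publisher and integrity cannot be confirmed from a signature; on its own this is a weak indicator, since legitimate third-party plugins are often unsigned as well.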
resource 429d1cd9db0e875e5183d97d355bf525d42debe07503cc9c682598454883a129
Files
-
429d1cd9db0e875e5183d97d355bf525d42debe07503cc9c682598454883a129.dll windows:6 windows x64 arch:x64
7e7bf4c3dc413232c8f0f439bcdf4975
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
shared
??1uCallStackTracker@@QEAA@XZ
uFormatSystemErrorMessage
GetInfiniteWaitEvent
??0uCallStackTracker@@QEAA@PEBD@Z
uBugCheck
uSendMessageText
uPrintCrashInfo_OnEvent
stricmp_utf8
uExceptFilterProc
kernel32
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
GetCurrentThreadId
GetLastError
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
GetSystemTimeAsFileTime
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
ResetEvent
SetEvent
CreateEventW
CloseHandle
OutputDebugStringW
DisableThreadLibraryCalls
InterlockedPushEntrySList
FlushInstructionCache
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
VirtualAlloc
LoadLibraryExA
InterlockedPopEntrySList
VirtualFree
user32
UnregisterClassW
CreateDialogParamW
SendMessageW
wsprintfA
DestroyWindow
SendDlgItemMessageW
GetDlgItemInt
GetDlgItem
SetWindowLongPtrW
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__C_specific_handler
memmove
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
memcpy
memset
memcmp
api-ms-win-crt-heap-l1-1-0
_expand
free
malloc
realloc
_callnewh
api-ms-win-crt-math-l1-1-0
pow
atan
atan2
cos
cosf
trunc
powf
expf
fmod
fmodf
log2
sin
api-ms-win-crt-utility-l1-1-0
rand
api-ms-win-crt-runtime-l1-1-0
abort
terminate
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_configure_narrow_argv
_initterm_e
_initterm
_cexit
_crt_atexit
Exports
Exports
foobar2000_get_interface
Sections
.text Size: 224KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
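.movehcs Size: 512B - Virtual size: 4KB (the flags below make this section readable, writable and executable at once; a writable-and-executable section is worth a closer look during triage)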
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE