6292fcf872fe9dddf2f02b1dc291b05f56dafdc860e87cb94aff7b1db81fe8b6[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6292fcf872fe9dddf2f02b1dc291b05f56dafdc860e87cb94aff7b1db81fe8b6.exe
Size

1.4MB
MD5

be3371d8ccbf74c8bbd168f0a55baaf0
SHA1

3082931970e444d2b4be079d3db15f50ac46d4ab
SHA256

6292fcf872fe9dddf2f02b1dc291b05f56dafdc860e87cb94aff7b1db81fe8b6
SHA512

04aa9a155ecc012ac5e65fd0290823a7e1baed2a98055a945a63f75c39f6c38302fa903914e2b30c08d3ebaecc7e4ae282d7c3e487a4477e3b02030d3a3824a9
SSDEEP

24576:LLfjzsABmXbrfSnBKYxQgLKgCeDEUsc2SK3DdzxSVg:XfjzsAYPfuVf+fevtEDdFSVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6292fcf872fe9dddf2f02b1dc291b05f56dafdc860e87cb94aff7b1db81fe8b6.exe

Files

6292fcf872fe9dddf2f02b1dc291b05f56dafdc860e87cb94aff7b1db81fe8b6.exe
.dll windows:6 windows x86 arch:x86

56c1468de188c49a8a5e8c9e77add990

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

libffm.dll.pdb

Imports

msvcrt

strtol
memcmp
strspn
gmtime
strchr
strncmp
ceil
floor
strcspn
sqrt
pow
sscanf
abs
sin
exp
frexp
bsearch
abort
cos
log
acos
_errno
atan
atan2
cosh
sinh
tan
tanh
_hypot
strtod
strtoul
localtime
mktime
clock
__iob_func
_vsnprintf
_strtoi64
_XcptFilter
_initterm
_amsg_exit
vsprintf
memmove
fputs
fprintf
getenv
strstr
strcpy
realloc
malloc
free
strlen
memcpy
fabs
strcmp
asin
memset
calloc

kernel32

InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RaiseException

Exports

Exports

aacEncClose
aacEncEncode
aacEncInfo
aacEncOpen
aacEncoder_SetParam
ffm_audio_convert
ffm_audio_convert_alloc
ffm_audio_convert_free
ffm_audio_decode_close
ffm_audio_decode_get_frame
ffm_audio_decode_get_info
ffm_audio_decode_init
ffm_audio_decode_put_data
ffm_audio_encode_close
ffm_audio_encode_get_data
ffm_audio_encode_get_info
ffm_audio_encode_init
ffm_audio_encode_put_frame
ffm_audio_get_codec_information
ffm_audio_mix
ffm_audio_mix_alloc
ffm_audio_mix_free
ffm_avcodec_version3
ffm_get_channel_layout_string
ffm_init
ffm_mlp_checksum16
ffm_mlp_read_syncframe
ffm_mpa_decode_header

Sections

.text
Size: 817KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56c1468de188c49a8a5e8c9e77add990

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 817KB - Virtual size: 817KB

.rdata Size: 627KB - Virtual size: 626KB

.data Size: 4KB - Virtual size: 1.4MB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 817KB - Virtual size: 817KB

.rdata
Size: 627KB - Virtual size: 626KB

.data
Size: 4KB - Virtual size: 1.4MB

.reloc
Size: 22KB - Virtual size: 21KB