AudioIntercom[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

AudioIntercom.dll
Size

596KB
MD5

ff4f436c1044d421fea7ed48a3fddefc
SHA1

1ce9275b25513d48dc0e7823ce8cf05f30f5bf4c
SHA256

1d26a44ed11fbb85c4174fd1360642dfcdf71f4b72574d44353277bbf20008b1
SHA512

3008545cc6dfb149006f6bd711077e8d0c1929cad3bdca1316ea523e8be4a5aec6f5b795af3669d31d41d06b7d52762d4bab785cc31c7579bc8520740a58edbd
SSDEEP

6144:YI2yNI8QIJ+q2ZBsbu6SjNxyKENr6pmFfamEVRl7utSgbOZX6jjjZT6uef6Gq604:xJ+q2/iu6SRxqNr6pmFfam2zI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AudioIntercom.dll

Files

AudioIntercom.dll
.dll windows:5 windows x86 arch:x86

bc278563578268042535cb174a70775e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

I:\AudioIntercomCode\AudioIntercom\project\windows_2015\Release\PDB\AudioIntercom.pdb

Imports

openal32

alSourcef
alcIsExtensionPresent
alcCloseDevice
alcGetIntegerv
alcOpenDevice
alcMakeContextCurrent
alcCaptureStart
alcCaptureOpenDevice
alcCaptureCloseDevice
alcCaptureSamples
alSourceStop
alDeleteSources
alDeleteBuffers
alGenBuffers
alGenSources
alSourcei
alBufferData
alSourceQueueBuffers
alcGetString
alSourcePlay
alGetSourcei
alSourceUnqueueBuffers
alGetEnumValue
alcDestroyContext
alcCreateContext
alcGetCurrentContext
alcCaptureStop

winmm

waveOutGetDevCapsA
waveOutGetNumDevs
waveOutOpen
waveOutSetVolume
waveOutWrite
waveOutPrepareHeader
waveOutReset
waveOutClose
waveOutUnprepareHeader

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
WaitForSingleObject
SetThreadPriority
IsBadWritePtr
IsBadReadPtr
MultiByteToWideChar
WideCharToMultiByte
Sleep
GetCurrentThreadId
OutputDebugStringA

msvcr100

_unlock
_ftol
_endthreadex
_beginthreadex
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
strstr
__dllonexit
_lock
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_onexit
strlen
__CxxFrameHandler3
memset
??3@YAXPAX@Z
_purecall
??2@YAPAXI@Z
_CxxThrowException
memcpy
memmove
vsprintf
sprintf
clock
malloc
free
strcpy
strcmp
ftell
fseek
_strnicmp
fread
fopen
fclose
printf
??_V@YAXPAX@Z
strncmp

Exports

Exports

AUDIOCOM_CreateCaptureHandle
AUDIOCOM_CreatePlayHandle
AUDIOCOM_GetLastError
AUDIOCOM_GetOneSoundCardInfo
AUDIOCOM_GetSoundCardNum
AUDIOCOM_GetVersion
AUDIOCOM_GetVolume
AUDIOCOM_InputStreamData
AUDIOCOM_OpenStream
AUDIOCOM_OpenStreamEx
AUDIOCOM_OpenWaveFile
AUDIOCOM_RegisterCaptureDataCallBack
AUDIOCOM_RegisterCaptureDataCallBackEx
AUDIOCOM_RegisterDecodeDataCallBack
AUDIOCOM_RegisterDecodeDataCallBackEx
AUDIOCOM_RegisterOutputDataCallBack
AUDIOCOM_RegisterOutputDataCallBackEx
AUDIOCOM_ReleaseCaptureHandle
AUDIOCOM_ReleasePlayHandle
AUDIOCOM_SetVolume
AUDIOCOM_StartCapture
AUDIOCOM_StartPlay
AUDIOCOM_StopCapture
AUDIOCOM_StopPlay
_AUDIOCOM_CreateCaptureHandleEx@8
_AUDIOCOM_CreatePlayHandleEx@8
_AUDIOCOM_GetCaptureDeviceNum@4
_AUDIOCOM_GetOneCaptureDeviceName@8
_AUDIOCOM_GetOnePlayDeviceName@8
_AUDIOCOM_GetPlayDeviceNum@4

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc278563578268042535cb174a70775e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

openal32

winmm

kernel32

msvcr100

Exports

Exports

Sections

.text Size: 258KB - Virtual size: 257KB

.rdata Size: 164KB - Virtual size: 164KB

.data Size: 165KB - Virtual size: 183KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 258KB - Virtual size: 257KB

.rdata
Size: 164KB - Virtual size: 164KB

.data
Size: 165KB - Virtual size: 183KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB