139102fe3b39e3bd777a1914e0cf896e[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

139102fe3b39e3bd777a1914e0cf896e.bin
Size

1.5MB
MD5

139102fe3b39e3bd777a1914e0cf896e
SHA1

2a596f66c34a0e77afae04e64bf781ed69c8f589
SHA256

d9a77475f3b818e3fca5d33c8df3fac62af20c553d2396b47ac8681e1761d28e
SHA512

29ee845136ec2d2a8fafd0f94d65beb36210f0ada38587342d718413019e1fdac4340d92bad2dc5732a645ebff7eeb9375c46be0a9e1ab61891951e3525c4ac8
SSDEEP

24576:/Cobu0Ft/ZbqPDexzTX4/TJYWMKgYI9WE0fwIaHix4fTWQfdBZxMDAa:/nbukZ+PE4VZMBR9WEsaHix+TWQVxMD1

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/lame_enc.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/lame_enc.dll	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bass.dll
unpack001/hifirecorder.exe
unpack001/lame_enc.dll
unpack001/soft2cn．com汉化说明.exe

Files

139102fe3b39e3bd777a1914e0cf896e.bin
.rar
bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetEAXMix
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelGetTags
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelPreBuf
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetDevice
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetFlags
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetAttribute
BASS_MusicGetOrderPosition
BASS_MusicGetOrders
BASS_MusicLoad
BASS_MusicSetAttribute
BASS_Pause
BASS_PluginFree
BASS_PluginGetInfo
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_Update
_

Sections

Size: 85KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hifirecorder.chm
.chm
hifirecorder.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$10TFZJButton
@$xp$12TFZJSkinForm
@$xp$15TFZJProgressBar
@$xp$16TFZJCircleButton
@$xp$8TFZJPeak
@$xp$9TFZJMixer
@@About@Finalize
@@About@Initialize
@@Checkserial2@Finalize
@@Checkserial2@Initialize
@@Checkserial@Finalize
@@Checkserial@Initialize
@@Format@Finalize
@@Format@Initialize
@@Fzjbutton@Finalize
@@Fzjbutton@Initialize
@@Fzjcirclebutton@Finalize
@@Fzjcirclebutton@Initialize
@@Fzjmixer@Finalize
@@Fzjmixer@Initialize
@@Fzjpeak@Finalize
@@Fzjpeak@Initialize
@@Fzjprogressbar@Finalize
@@Fzjprogressbar@Initialize
@@Fzjskinform@Finalize
@@Fzjskinform@Initialize
@@Led@Finalize
@@Led@Initialize
@@Main@Finalize
@@Main@Initialize
@@Register@Finalize
@@Register@Initialize
@@Soundsource@Finalize
@@Soundsource@Initialize
@@Spectrum@Finalize
@@Spectrum@Initialize
@@Volume@Finalize
@@Volume@Initialize
@@Waveinf@Finalize
@@Waveinf@Initialize
@Fzjbutton@Register$qqrv
@Fzjcirclebutton@Register$qqrv
@Fzjmixer@Register$qqrv
@Fzjpeak@Register$qqrv
@Fzjprogressbar@Register$qqrv
@Fzjskinform@Register$qqrv
@TFZJButton@
@TFZJButton@$bctr$qqrp18Classes@TComponent
@TFZJButton@$bdtr$qqrv
@TFZJButton@GetMousePosTimer$qqrp14System@TObject
@TFZJButton@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@TFZJButton@Paint$qqrv
@TFZJButton@SetActiveButtonBmp$qqrp16Graphics@TBitmap
@TFZJButton@SetButtonBmp$qqrp16Graphics@TBitmap
@TFZJButton@SetDisenableButtonBmp$qqrp16Graphics@TBitmap
@TFZJButton@SetEnabled$qqro
@TFZJCircleButton@
@TFZJCircleButton@$bctr$qqrp18Classes@TComponent
@TFZJCircleButton@$bdtr$qqrv
@TFZJCircleButton@GetMousePosTimer$qqrp14System@TObject
@TFZJCircleButton@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@TFZJCircleButton@Paint$qqrv
@TFZJCircleButton@SetActiveButtonBmp$qqrp16Graphics@TBitmap
@TFZJCircleButton@SetButtonBmp$qqrp16Graphics@TBitmap
@TFZJCircleButton@SetDisenableButtonBmp$qqrp16Graphics@TBitmap
@TFZJCircleButton@SetDown$qqro
@TFZJCircleButton@SetDownActiveButtonBmp$qqrp16Graphics@TBitmap
@TFZJCircleButton@SetDownButtonBmp$qqrp16Graphics@TBitmap
@TFZJCircleButton@SetEnabled$qqro
@TFZJCircleButton@SetMaskBmp$qqrp16Graphics@TBitmap
@TFZJMixer@
@TFZJMixer@$bctr$qqrp18Classes@TComponent
@TFZJMixer@$bdtr$qqrv
@TFZJMixer@Close$qv
@TFZJMixer@GetMixerList$qp16Classes@TStrings
@TFZJMixer@GetSpeakerVolume$qv
@TFZJMixer@GetWaveInIndex$qv
@TFZJMixer@GetWaveInList$qp16Classes@TStrings
@TFZJMixer@GetWaveInVolume$qi
@TFZJMixer@GetWaveOutMute$qv
@TFZJMixer@Open$qi
@TFZJMixer@SetSpeakerVolume$qi
@TFZJMixer@SetWaveInIndex$qi
@TFZJMixer@SetWaveInVolume$qii
@TFZJMixer@SetWaveOutMute$qo
@TFZJMixer@WndProc$qqrr17Messages@TMessage
@TFZJPeak@
@TFZJPeak@$bctr$qqrp18Classes@TComponent
@TFZJPeak@Paint$qqrv
@TFZJPeak@SetPeakVolume$qqri
@TFZJProgressBar@
@TFZJProgressBar@$bctr$qqrp18Classes@TComponent
@TFZJProgressBar@$bdtr$qqrv
@TFZJProgressBar@GetMousePosTimer$qqrp14System@TObject
@TFZJProgressBar@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@TFZJProgressBar@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@TFZJProgressBar@Paint$qqrv
@TFZJProgressBar@SetActiveSlideBmp$qqrp16Graphics@TBitmap
@TFZJProgressBar@SetDisenableSlideBmp$qqrp16Graphics@TBitmap
@TFZJProgressBar@SetEnabled$qqro
@TFZJProgressBar@SetPos$qqri
@TFZJProgressBar@SetProgressBarColor$qqr15Graphics@TColor
@TFZJProgressBar@SetSlideBmp$qqrp16Graphics@TBitmap
@TFZJSkinForm@
@TFZJSkinForm@$bctr$qqrp18Classes@TComponent
@TFZJSkinForm@$bdtr$qqrv
@TFZJSkinForm@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@TFZJSkinForm@Paint$qqrv
@TFZJSkinForm@ReSetWndRgn$qqrv
@TFZJSkinForm@Repaint$qqrv
@TFZJSkinForm@SetSkinBmp$qqrp16Graphics@TBitmap
@TFZJSkinForm@SetTransparentColor$qqr15Graphics@TColor
_AboutForm
_FormatForm
_MainForm
_RegisterForm
_SoundSourceForm
__GetExceptDLLinfo
___CPPdebugHook

Sections

Size: 331KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 17KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LordFox
Size: 358KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lame_enc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteVBRHeader
lame_close
lame_encode_buffer_interleaved
lame_encode_flush
lame_get_in_samplerate
lame_get_num_channels
lame_get_num_samples
lame_get_out_samplerate
lame_get_scale
lame_get_scale_left
lame_get_scale_right
lame_init
lame_init_params
lame_mp3_tags_fid
lame_set_in_samplerate
lame_set_num_channels
lame_set_num_samples
lame_set_out_samplerate
lame_set_scale
lame_set_scale_left
lame_set_scale_right

Sections

UPX0
Size: - Virtual size: 508KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
soft2cn．com汉化说明.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HH_By_Soft2CN
Reserverd
fzh_s2c
refreshDesktop

Sections

.Upack
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
安装必读.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 85KB - Virtual size: 240KB

.rsrc Size: 568B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 331KB - Virtual size: 876KB

Size: 17KB - Virtual size: 100KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 8KB - Virtual size: 12KB

Size: 5KB - Virtual size: 8KB

.rsrc Size: 62KB - Virtual size: 488KB

Size: - Virtual size: 52KB

Size: 512B - Virtual size: 4KB

LordFox Size: 358KB - Virtual size: 360KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 508KB

UPX1 Size: 152KB - Virtual size: 152KB

UPX2 Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

.Upack Size: - Virtual size: 192KB

.rsrc Size: 70KB - Virtual size: 268KB

.rsrc
Size: 568B - Virtual size: 4KB

.rsrc
Size: 62KB - Virtual size: 488KB

LordFox
Size: 358KB - Virtual size: 360KB

.adata
Size: - Virtual size: 4KB

UPX0
Size: - Virtual size: 508KB

UPX1
Size: 152KB - Virtual size: 152KB

UPX2
Size: 5KB - Virtual size: 8KB

.Upack
Size: - Virtual size: 192KB

.rsrc
Size: 70KB - Virtual size: 268KB