6b7ee0f4018a0e7c7c3cb5ce98305ca7f419bd2c4a3c2ca067ee16b4d589cc8f

Sharing

Copy URL Twitter E-mail

General

Target

6b7ee0f4018a0e7c7c3cb5ce98305ca7f419bd2c4a3c2ca067ee16b4d589cc8f
Size

402KB
MD5

751dbec03bfcb31fa2d9751bf588e052
SHA1

1553f06d0323dd543422b4e0cd57c68038cd28da
SHA256

6b7ee0f4018a0e7c7c3cb5ce98305ca7f419bd2c4a3c2ca067ee16b4d589cc8f
SHA512

e37739530cb74ba90e6086725d18c05a11d9a08a34df71dee550438fdb71678fcc6f871ddc73cff5920a2d2696c657ec6e1944647397621ae676fcaef759f7d6
SSDEEP

6144:5AOohRmApcAeqK4twvjlZ6UNM0ws/yQoLL/3BjECu+GZIf55eF38IsHoh3+4kzi:y/nmAgqpK00woyQoP/WA5cjooh7kW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b7ee0f4018a0e7c7c3cb5ce98305ca7f419bd2c4a3c2ca067ee16b4d589cc8f

Files

6b7ee0f4018a0e7c7c3cb5ce98305ca7f419bd2c4a3c2ca067ee16b4d589cc8f
.dll windows:5 windows x64 arch:x64

5214e6eab793eebfd8477766948e00fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\manx\projects\openmpt\buildbot\g2_130_rel_trk_win_retro\build\bin\release\vs2017-winxp-static\amd64\openmpt-mpg123.pdb

Imports

shlwapi

PathIsUNCW
PathIsRelativeW

kernel32

GetFileType
FindClose
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
CreateFileW
CloseHandle
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
ReadFile
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
SetFilePointerEx
HeapFree
SetStdHandle
SetEndOfFile
GetStdHandle
HeapAlloc
HeapReAlloc
LCMapStringW
GetACP
GetStringTypeW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
WriteConsoleW
FlushFileBuffers
HeapSize

Exports

Exports

mpg123_add_string
mpg123_add_substring
mpg123_chomp_string
mpg123_clip
mpg123_close
mpg123_copy_string
mpg123_current_decoder
mpg123_decode
mpg123_decode_frame
mpg123_decoder
mpg123_decoders
mpg123_delete
mpg123_delete_pars
mpg123_delete_string
mpg123_enc_from_id3
mpg123_enc_from_id3_2
mpg123_encodings
mpg123_encsize
mpg123_eq
mpg123_eq2
mpg123_eq_bands
mpg123_eq_change
mpg123_errcode
mpg123_exit
mpg123_feature
mpg123_feature2
mpg123_feed
mpg123_feedseek
mpg123_fmt
mpg123_fmt2
mpg123_fmt_all
mpg123_fmt_none
mpg123_fmt_support
mpg123_format
mpg123_format2
mpg123_format_all
mpg123_format_none
mpg123_format_support
mpg123_framebyframe_decode
mpg123_framebyframe_next
mpg123_framedata
mpg123_framelength
mpg123_framepos
mpg123_free
mpg123_free_string
mpg123_geteq
mpg123_geteq2
mpg123_getformat
mpg123_getformat2
mpg123_getpar
mpg123_getpar2
mpg123_getparam
mpg123_getparam2
mpg123_getstate
mpg123_getstate2
mpg123_getvolume
mpg123_grow_string
mpg123_icy
mpg123_icy2utf8
mpg123_id3
mpg123_id3_raw
mpg123_index
mpg123_info
mpg123_info2
mpg123_init
mpg123_init_string
mpg123_length
mpg123_meta_check
mpg123_meta_free
mpg123_move_string
mpg123_new
mpg123_new_pars
mpg123_new_string
mpg123_open
mpg123_open_fd
mpg123_open_feed
mpg123_open_fixed
mpg123_open_handle
mpg123_outblock
mpg123_par
mpg123_par2
mpg123_param
mpg123_param2
mpg123_parnew
mpg123_plain_strerror
mpg123_position
mpg123_rates
mpg123_read
mpg123_replace_buffer
mpg123_replace_reader
mpg123_replace_reader_handle
mpg123_reset_eq
mpg123_resize_string
mpg123_safe_buffer
mpg123_same_string
mpg123_scan
mpg123_seek
mpg123_seek_frame
mpg123_set_filesize
mpg123_set_index
mpg123_set_moreinfo
mpg123_set_string
mpg123_set_substring
mpg123_spf
mpg123_store_utf8
mpg123_store_utf8_2
mpg123_strerror
mpg123_strlen
mpg123_supported_decoders
mpg123_tell
mpg123_tell_stream
mpg123_tellframe
mpg123_timeframe
mpg123_tpf
mpg123_volume
mpg123_volume_change
mpg123_volume_change_db

Sections

.text
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5214e6eab793eebfd8477766948e00fb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 238KB - Virtual size: 238KB

.rdata Size: 147KB - Virtual size: 146KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 238KB - Virtual size: 238KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB