9d48aa42cac849d50f3dd1c7da881a301849b635068d549641fcafd4d7d75157

Sharing

Copy URL

Twitter E-mail

General

Target

9d48aa42cac849d50f3dd1c7da881a301849b635068d549641fcafd4d7d75157
Size

16KB
MD5

39bf7b295c6fb285675ecae5b7d84cc6
SHA1

133a14770c3fdf165d0b3cc9a14a3029b053247f
SHA256

9d48aa42cac849d50f3dd1c7da881a301849b635068d549641fcafd4d7d75157
SHA512

d3c385e47299804b6f9e0ffe5705581e3979ba534efea382795325f562ccd4922a00599aff7329d233649a7f72f7c5336e0696bc70e3a4f688b19f9208602206
SSDEEP

384:WlGAq8xdLSggxpWkdIjlxn1bH+jQtQL6K:WlNdLtgxpWRbH+IER

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d48aa42cac849d50f3dd1c7da881a301849b635068d549641fcafd4d7d75157

Files

9d48aa42cac849d50f3dd1c7da881a301849b635068d549641fcafd4d7d75157
.dll windows:6 windows x86 arch:x86

b45d3cc5fab6d0589db08d67884e0f66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

enc_flac.pdb

Imports

kernel32

WriteFile
SetFilePointer
CreateFileW
GetLastError
DeleteFileW
CloseHandle
CopyFileW
MoveFileW
WritePrivateProfileStringA
GetPrivateProfileIntA
VirtualQuery
GetCurrentProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
TerminateProcess

user32

SendDlgItemMessageW
PostMessageW

libflac

FLAC__stream_encoder_set_total_samples_estimate
FLAC__stream_encoder_set_blocksize
FLAC__stream_encoder_set_channels
FLAC__stream_encoder_finish
FLAC__stream_encoder_set_bits_per_sample
FLAC__metadata_object_new
FLAC__metadata_object_delete
FLAC__stream_encoder_set_compression_level
FLAC__stream_encoder_get_state
FLAC__stream_encoder_init_stream
FLAC__stream_encoder_new
FLAC__stream_encoder_delete
FLAC__stream_encoder_process_interleaved
FLAC__stream_encoder_set_sample_rate
FLAC__stream_encoder_set_metadata

winamp

ord52
ord84
ord268
ord1091
ord82
ord463
ord483
ord2
ord1290
ord86
ord285
ord1090
ord1137
ord85
ord262
ord1286
ord93

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_cexit
_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
_initterm
_initterm_e
_seh_filter_dll
_execute_onexit_table

Exports

Exports

ConfigAudio3
CreateAudio3
FinishAudio3
FinishAudio3W
GetAudioTypes3
GetConfigItem
PrepareToFinish
PrepareToFinishW
SetConfigItem
SetWinampHWND

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b45d3cc5fab6d0589db08d67884e0f66

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

libflac

winamp

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 992B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 680B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 992B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 680B