WhisperDesktop[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

WhisperDesktop.zip
Size

465KB
MD5

8929c820a32d55c9a7283bfc76747192
SHA1

60a0cd388b73f299bcce1b18c31019bcfab09883
SHA256

483a82cc93e89c7e8a0187e4809a026d7b797e051bf4f9e54b6268e1fc574c62
SHA512

2c68106d5f6aa1edd226818e2e3f6347c38647a560f3e7b4319bf9bd7e081591b270d7ddabd4c5865045fb03e0ff347bd029817ef71e863dd237747d79b1ac9e
SSDEEP

12288:ghr+pk7m8g2uodyJ3W/3TCGPjjaaPdNGcU:WJ7m84DFW/+KmIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Whisper.dll
unpack001/WhisperDesktop.exe

Files

WhisperDesktop.zip
.zip
Whisper.dll
.dll windows:6 windows x64 arch:x64

c0463e7110244421b1b32151845a499d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Z\Fun\OpenAI\Whisper\x64\Release\Whisper.pdb

Imports

kernel32

GetLastError
DecodePointer
InitializeCriticalSectionEx
DeleteCriticalSection
FindResourceW
LoadResource
SizeofResource
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
WideCharToMultiByte
GetProcessHeap
LockResource
FindResourceExW
CloseHandle
WaitForSingleObject
Sleep
CreateThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
SubmitThreadpoolWork
MultiByteToWideChar
LocalFree
FormatMessageW
GetCurrentThreadId
RaiseException
EnterCriticalSection
LeaveCriticalSection
CreateThread
InitializeConditionVariable
SleepConditionVariableCS
WakeAllConditionVariable
GetExitCodeThread
GetProcAddress
GetModuleHandleW
CreateFileW
WriteFile
SetFilePointer
FlushFileBuffers
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo
GetFileSize
ReadFile
DisableThreadLibraryCalls
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
SetFilePointerEx
GetFileSizeEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
EncodePointer
CompareStringEx
GetCPInfo
LCMapStringEx
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwind
ExitProcess

user32

GetAsyncKeyState

ole32

CoInitializeEx
CoUninitialize
CoTaskMemFree

shlwapi

ord12

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

mf

MFCreateDeviceSource
MFEnumDeviceSources

mfreadwrite

MFCreateSourceReaderFromURL
MFCreateSourceReaderFromByteStream
MFCreateSourceReaderFromMediaSource

mfplat

MFShutdown
MFCreateAttributes
MFStartup
MFCopyImage
MFCreateMediaType
MFCreateMFByteStreamOnStream
MFllMulDiv

Exports

Exports

findLanguageKeyA
findLanguageKeyW
getSupportedLanguages
initMediaFoundation
listGPUs
loadModel
setupLogger

Sections

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WhisperDesktop.exe
.exe windows:6 windows x64 arch:x64

2aa067c2bb3245324b8d3150bd3cc4a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Z\Fun\OpenAI\Whisper\x64\Release\WhisperDesktop.pdb

Imports

kernel32

GetLocalTime
WriteFile
SetFilePointer
FlushFileBuffers
SetLastError
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
SetConsoleTextAttribute
WriteConsoleW
FreeConsole
GetConsoleWindow
AllocConsole
GetStdHandle
IsValidCodePage
SetConsoleOutputCP
GetConsoleMode
SetConsoleMode
SetConsoleTitleW
SetConsoleCtrlHandler
WriteConsoleA
WideCharToMultiByte
GetTickCount64
ExitProcess
FormatMessageW
LocalFree
CloseThreadpoolWork
CreateThreadpoolWork
SubmitThreadpoolWork
MultiByteToWideChar
DecodePointer
GetConsoleOutputCP
SetFilePointerEx
GetStringTypeW
SetStdHandle
LCMapStringW
GetDateFormatEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetModuleFileNameW
GetModuleHandleExW
RtlUnwind
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlPcToFileHeader
RtlUnwindEx
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
GetLastError
HeapSize
HeapDestroy
GetFileSize
GetTimeFormatEx
CreateFileW
CloseHandle
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
DeleteCriticalSection
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
MulDiv
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess

user32

GetMonitorInfoW
DefWindowProcW
SetWindowLongPtrW
GetWindowLongPtrW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CharUpperW
IsWindowEnabled
DeleteMenu
GetSystemMenu
SetForegroundWindow
ShowWindow
IsWindow
DialogBoxParamW
EndDialog
PostMessageW
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
MessageBoxW
GetWindow
GetWindowLongW
MonitorFromWindow
EnableWindow
GetWindowRect
GetParent
MapWindowPoints
SetWindowPos
SetWindowTextW
GetDlgItem
DestroyIcon
LoadIconW
SendMessageW
DrawTextW
InvalidateRect
GetSysColor
EndPaint
BeginPaint
GetClientRect

gdi32

GetDeviceCaps
SelectObject
SetBkColor
SetTextColor
CreateFontIndirectW
DeleteObject
SetBkMode

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

shell32

ShellExecuteW

ole32

CoInitializeEx
CoUninitialize

whisper

loadModel
getSupportedLanguages
setupLogger
listGPUs
initMediaFoundation

shlwapi

PathFindFileNameW
PathFileExistsW
PathFindExtensionW
PathRenameExtensionW

comctl32

InitCommonControlsEx

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lz4.txt

Sharing

General

Malware Config

Signatures

Files

c0463e7110244421b1b32151845a499d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

shlwapi

d3d11

dxgi

mf

mfreadwrite

mfplat

Exports

Exports

Sections

.text Size: 378KB - Virtual size: 377KB

.rdata Size: 149KB - Virtual size: 148KB

.data Size: 9KB - Virtual size: 273KB

.pdata Size: 20KB - Virtual size: 19KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

2aa067c2bb3245324b8d3150bd3cc4a9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

whisper

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 5KB - Virtual size: 9KB

.pdata Size: 7KB - Virtual size: 7KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 378KB - Virtual size: 377KB

.rdata
Size: 149KB - Virtual size: 148KB

.data
Size: 9KB - Virtual size: 273KB

.pdata
Size: 20KB - Virtual size: 19KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 5KB - Virtual size: 9KB

.pdata
Size: 7KB - Virtual size: 7KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 2KB - Virtual size: 1KB