19ea095afb1b6f3f548264edeeab8610N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

19ea095afb1b6f3f548264edeeab8610N.exe
Size

896KB
MD5

19ea095afb1b6f3f548264edeeab8610
SHA1

0f3e10db2289fe0fac12ad3e194a4cd6c89a1181
SHA256

2384e2c3cf21d706c6322c531799834635949560df3c7328cfb3388bbead988f
SHA512

3b89e3cf8a4c7191f9975cfe95113ccbbc3c77d6633d06f2a70954b0c20e54b612a244a01b5803350fb5a0d3335200bc663c9ae2df15745edc90f9f51e2c8ce0
SSDEEP

24576:r67/OBmKDXmH87zi0B/kB9/iJMikMlrsal998Ut1mpjmJ:OVKDXUvqJMikMlrsg99jt1mxmJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19ea095afb1b6f3f548264edeeab8610N.exe

Files

19ea095afb1b6f3f548264edeeab8610N.exe
.dll windows:5 windows x86 arch:x86

2426771d62ed24c97b5cd055d0b347fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\p4client\Consumer\MainDev\Products\Release\Win32\MaxxAudioAPOShell.pdb

Imports

kernel32

IsProcessorFeaturePresent
HeapSize
GetStringTypeW
MultiByteToWideChar
LCMapStringW
RtlUnwind
GetModuleFileNameW
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
GetModuleHandleA
OutputDebugStringA
lstrlenA
WaitForSingleObject
SetEvent
ResetEvent
CloseHandle
CreateThread
MapViewOfFile
UnmapViewOfFile
CreateEventA
CreateFileMappingA
OpenEventA
CreateMutexA
GetProcessHeap
LocalFree
LoadLibraryA
InitializeCriticalSection
WriteFile
lstrlenW
FormatMessageA
RaiseException
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
SetStdHandle
FlushFileBuffers
WriteConsoleW
SetEndOfFile
CreateFileW
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
FreeLibrary
HeapReAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
FindResourceA
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
ExitProcess
Sleep
HeapFree
GetProcAddress
InterlockedDecrement
GetLastError
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
GetCommandLineA
DecodePointer
LoadLibraryExA
GetCurrentThreadId
FindNextFileA
FindClose
FindFirstFileA
GetLongPathNameA
SetErrorMode
GetFileAttributesA

shlwapi

SHDeleteKeyA

gdiplus

GdiplusShutdown
GdiplusStartup

user32

KillTimer
PostMessageA
DestroyWindow
RegisterWindowMessageA
GetMonitorInfoA
MonitorFromWindow
GetClientRect
GetWindowRect
SetParent
SetWindowPos
RedrawWindow
ShowWindow
IsWindowVisible
SetWindowLongA
ScreenToClient
ReleaseDC
GetDC
SetFocus
SendMessageA
UnregisterClassA
MoveWindow
AdjustWindowRect
GetSystemMetrics
RemovePropA
GetParent
GetPropA
GetTopWindow
IsChild
PostQuitMessage
RegisterClassExA
GetKeyState
SystemParametersInfoA
MapVirtualKeyA
GetUpdateRect
BeginPaint
GetFocus
EndPaint
GetWindowLongA
CreateWindowExA
GetDlgItem
EndDialog
DefWindowProcA
GetClassInfoA
RegisterClassA
GetWindow
RegisterClipboardFormatA
SetTimer

gdi32

SwapBuffers
SetPixelFormat
ChoosePixelFormat
DescribePixelFormat
GetTextMetricsA
GetDeviceCaps

advapi32

RegOpenKeyA
RegDeleteKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
PropVariantClear
CoUninitialize
CoCreateInstance

opengl32

wglMakeCurrent
glBlendFunc
glMatrixMode
glViewport
glEnable
wglGetProcAddress
glFlush
wglDeleteContext
glLoadIdentity
glGetString
glEnableClientState
wglCreateContext
glOrtho
wglGetCurrentContext

Exports

Exports

WavesFX_CreatePluginWindow
WavesFX_DetachPluginWindow
WavesFX_GetChunk
WavesFX_GetParameter
WavesFX_GetParametersArray
WavesFX_GetProperty
WavesFX_Initialize
WavesFX_IsConnectionActive
WavesFX_Preset_Add
WavesFX_Preset_Delete
WavesFX_Preset_GetActive
WavesFX_Preset_GetCount
WavesFX_Preset_GetDefaultParameter
WavesFX_Preset_GetDefaultType
WavesFX_Preset_GetName
WavesFX_Preset_GetNameW
WavesFX_Preset_GetOutputName
WavesFX_Preset_GetParameter
WavesFX_Preset_GetParametersArray
WavesFX_Preset_GetSoundMode
WavesFX_Preset_GetType
WavesFX_Preset_RegisterChangeNotification
WavesFX_Preset_RegisterFile
WavesFX_Preset_RegisterMem
WavesFX_Preset_RevertToDefault
WavesFX_Preset_SaveDefault
WavesFX_Preset_SaveDefault2
WavesFX_Preset_SetActive
WavesFX_Preset_SetNameW
WavesFX_Preset_SetParameter
WavesFX_Preset_SetParametersArray
WavesFX_Preset_SetSoundMode
WavesFX_Preset_SetType
WavesFX_RegisterChangeNotification
WavesFX_SetBypassMode
WavesFX_SetChunk
WavesFX_SetParameter
WavesFX_SetParametersArray
WavesFX_SetProperty
WavesFX_Uninitialize
WavesFX_VendorSpecific

Sections

.text
Size: 558KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2426771d62ed24c97b5cd055d0b347fe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shlwapi

gdiplus

user32

gdi32

advapi32

shell32

ole32

opengl32

Exports

Exports

Sections

.text Size: 558KB - Virtual size: 557KB

RT_CODE Size: 85KB - Virtual size: 84KB

.rdata Size: 143KB - Virtual size: 143KB

.data Size: 36KB - Virtual size: 45KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 51KB - Virtual size: 50KB

.text
Size: 558KB - Virtual size: 557KB

RT_CODE
Size: 85KB - Virtual size: 84KB

.rdata
Size: 143KB - Virtual size: 143KB

.data
Size: 36KB - Virtual size: 45KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 51KB - Virtual size: 50KB