librediscord[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

librediscord.exe
Size

396KB
MD5

4c564b3125e0ec5455e14303365685a5
SHA1

ab7b218f489ae24d1b4a7b339fc2d12e1d6ec412
SHA256

6f6d4aeaac0a6806ce086fe6a238f15d021060a1aa21f15df94940c141f21f84
SHA512

204a8775de46d8e0a5cca93339f1cbef96c9429e355c5edc3f78eeb7a1de3b5ec13a2b73c87308a1d21fe58386bce1b9a1b8286e284282a446bec8254a074a8b
SSDEEP

3072:+TfVbc4GVeZv3Fq3cuH0bzR6RCJz1ISxjNwhpTAUhFhG0eaLUzigbH2zf7gpf85:+7VY4XXq3cv9sC1V4TPhD97gC5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
librediscord.exe

Files

librediscord.exe
.exe windows:4 windows x64 arch:x64

05e5c36cb79dc9962a8c77c1d82126ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

CredDeleteW
CredEnumerateW
CredFree
CredWriteW

libcairo-2

cairo_fill
cairo_pattern_add_color_stop_rgb
cairo_pattern_create_linear
cairo_pattern_destroy
cairo_rectangle
cairo_set_source

libgdk-3-0

gdk_event_get_event_type
gdk_window_set_events

libgdk_pixbuf-2.0-0

gdk_pixbuf_animation_new_from_stream_async
gdk_pixbuf_animation_new_from_stream_finish
gdk_pixbuf_new_from_resource_at_scale
gdk_pixbuf_new_from_stream_async
gdk_pixbuf_new_from_stream_finish

libgio-2.0-0

g_file_copy
g_file_copy_attributes
g_file_delete
g_file_enumerate_children
g_file_enumerator_next_file
g_file_info_get_name
g_file_make_directory
g_file_new_build_filename
g_file_new_for_path
g_file_query_exists
g_file_query_file_type
g_file_resolve_relative_path
g_inet_socket_address_new_from_string
g_keyfile_settings_backend_new
g_resources_lookup_data
g_settings_get_boolean
g_settings_get_double
g_settings_get_string
g_settings_get_uint
g_settings_new_full
g_settings_schema_source_lookup
g_settings_schema_source_ref
g_settings_set_boolean
g_settings_set_double
g_settings_set_string
g_settings_set_uint
g_socket_address_get_family
g_socket_close
g_socket_create_source
g_socket_new
g_socket_receive_from
g_socket_send_to
g_socket_set_blocking
g_static_resource_fini
g_static_resource_get_resource
g_static_resource_init
g_task_is_valid
g_task_new
g_task_propagate_pointer
g_task_return_pointer
g_task_run_in_thread

libglib-2.0-0

g_ascii_strtoull
g_assertion_message_expr
g_build_filename
g_bytes_get_data
g_bytes_get_size
g_bytes_ref
g_bytes_unref
g_error_free
g_file_error_quark
g_free
g_get_tmp_dir
g_get_user_cache_dir
g_get_user_config_dir
g_intern_static_string
g_list_append
g_list_free_full
g_list_remove
g_log
g_malloc0
g_malloc0_n
g_markup_printf_escaped
g_mkdir_with_parents
g_mutex_lock
g_mutex_unlock
g_print
g_ptr_array_add
g_ptr_array_free
g_ptr_array_new
g_ptr_array_remove
g_ptr_array_remove_index
g_qsort_with_data
g_random_int
g_return_if_fail_warning
g_set_error_literal
g_slice_alloc
g_slice_free1
g_source_attach
g_source_destroy
g_source_is_destroyed
g_source_set_callback
g_source_unref
g_sprintf
g_str_has_prefix
g_strcmp0
g_strdup
g_strdup_printf
g_strjoinv
g_timeout_source_new

libgobject-2.0-0

g_object_get_data
g_object_ref
g_object_set
g_object_set_data
g_object_steal_data
g_object_unref
g_signal_connect_data
g_type_check_instance_is_a

libgtk-3-0

gtk_about_dialog_set_logo
gtk_adjustment_get_value
gtk_adjustment_new
gtk_adjustment_set_value
gtk_bin_get_child
gtk_box_new
gtk_box_pack_end
gtk_builder_connect_signals_full
gtk_builder_get_object
gtk_builder_new_from_resource
gtk_button_new_with_label
gtk_combo_box_get_active_id
gtk_combo_box_set_active_id
gtk_combo_box_text_append
gtk_combo_box_text_remove_all
gtk_container_add
gtk_container_remove
gtk_drawing_area_new
gtk_entry_get_text
gtk_entry_set_text
gtk_event_box_new
gtk_icon_info_load_symbolic_for_context
gtk_icon_theme_add_resource_path
gtk_icon_theme_choose_icon
gtk_icon_theme_new
gtk_image_new
gtk_image_set_from_animation
gtk_image_set_from_icon_name
gtk_image_set_from_pixbuf
gtk_init_abi_check
gtk_label_new
gtk_label_set_line_wrap
gtk_label_set_markup
gtk_label_set_text
gtk_list_box_get_row_at_index
gtk_list_box_get_selected_row
gtk_list_box_new
gtk_list_box_row_get_index
gtk_list_box_set_selection_mode
gtk_list_box_unselect_all
gtk_main
gtk_main_quit
gtk_message_dialog_new
gtk_paned_add2
gtk_paned_get_child2
gtk_popover_get_type
gtk_popover_new
gtk_popover_popdown
gtk_popover_popup
gtk_popover_set_modal
gtk_popover_set_position
gtk_scale_add_mark
gtk_scale_new
gtk_scale_set_digits
gtk_switch_get_active
gtk_switch_set_active
gtk_widget_destroy
gtk_widget_get_allocated_height
gtk_widget_get_allocated_width
gtk_widget_get_parent
gtk_widget_get_style_context
gtk_widget_get_window
gtk_widget_hide
gtk_widget_hide_on_delete
gtk_widget_queue_draw
gtk_widget_set_halign
gtk_widget_set_margin_end
gtk_widget_set_margin_start
gtk_widget_set_sensitive
gtk_widget_set_valign
gtk_widget_show
gtk_widget_show_all
gtk_window_set_title

libjson-glib-1.0-0

json_array_get_int_element
json_array_get_length
json_array_get_object_element
json_array_get_string_element
json_from_string
json_node_free
json_node_get_node_type
json_node_get_object
json_object_get_array_member
json_object_get_boolean_member
json_object_get_int_member
json_object_get_member
json_object_get_null_member
json_object_get_object_member
json_object_get_string_member
json_object_get_string_member_with_default
json_object_has_member
json_object_set_boolean_member
json_object_set_int_member
json_object_set_null_member
json_object_set_string_member
json_to_string

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

libleveldb

leveldb_close
leveldb_free
leveldb_get
leveldb_open
leveldb_options_create
leveldb_options_destroy
leveldb_options_set_create_if_missing
leveldb_readoptions_create
leveldb_readoptions_destroy

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_errno
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
ldexp
log
log10
malloc
mbstowcs
memcpy
memset
signal
strlen
strncmp
vfprintf
wcstombs

libopus-0

opus_decode_float
opus_decoder_create
opus_decoder_destroy
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy

librtaudio-7

rtaudio_api_name
rtaudio_close_stream
rtaudio_compiled_api
rtaudio_compiled_api_by_name
rtaudio_create
rtaudio_destroy
rtaudio_device_count
rtaudio_get_device_info
rtaudio_get_num_compiled_apis
rtaudio_open_stream
rtaudio_start_stream
rtaudio_stop_stream

libsodium-26

crypto_secretbox_easy
crypto_secretbox_open_easy

libsoup-2.4-1

_SOUP_METHOD_GET
soup_message_headers_append
soup_message_headers_replace
soup_message_new
soup_message_set_request
soup_session_new
soup_session_new_with_options
soup_session_queue_message
soup_session_send_async
soup_session_send_finish
soup_session_websocket_connect_async
soup_session_websocket_connect_finish
soup_websocket_connection_close
soup_websocket_connection_get_close_code
soup_websocket_connection_get_state
soup_websocket_connection_send_text

Exports

Exports

resources_get_resource

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 983B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 1024B - Virtual size: 658B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05e5c36cb79dc9962a8c77c1d82126ad

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

libcairo-2

libgdk-3-0

libgdk_pixbuf-2.0-0

libgio-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-3-0

libjson-glib-1.0-0

kernel32

libleveldb

msvcrt

libopus-0

librtaudio-7

libsodium-26

libsoup-2.4-1

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 928B

.rdata Size: 121KB - Virtual size: 121KB

.pdata Size: 3KB - Virtual size: 2KB

.xdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 384B

.edata Size: 512B - Virtual size: 90B

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 312B

/4 Size: 2KB - Virtual size: 1KB

/19 Size: 48KB - Virtual size: 47KB

/31 Size: 10KB - Virtual size: 10KB

/45 Size: 11KB - Virtual size: 11KB

/57 Size: 3KB - Virtual size: 2KB

/70 Size: 1024B - Virtual size: 983B

/81 Size: 7KB - Virtual size: 7KB

/97 Size: 8KB - Virtual size: 7KB

/113 Size: 1024B - Virtual size: 658B

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 928B

.rdata
Size: 121KB - Virtual size: 121KB

.pdata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 384B

.edata
Size: 512B - Virtual size: 90B

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 312B

/4
Size: 2KB - Virtual size: 1KB

/19
Size: 48KB - Virtual size: 47KB

/31
Size: 10KB - Virtual size: 10KB

/45
Size: 11KB - Virtual size: 11KB

/57
Size: 3KB - Virtual size: 2KB

/70
Size: 1024B - Virtual size: 983B

/81
Size: 7KB - Virtual size: 7KB

/97
Size: 8KB - Virtual size: 7KB

/113
Size: 1024B - Virtual size: 658B