1d065a0963623911b50543755593e0fbb99a1c3eb859e1334f29831008b2a837

Sharing

Copy URL Twitter E-mail

General

Target

1d065a0963623911b50543755593e0fbb99a1c3eb859e1334f29831008b2a837
Size

97KB
MD5

56ddb1c63c7fbb357303587717fb2fea
SHA1

78e9892f94953f854eb68a3a81cce21aac70f95a
SHA256

1d065a0963623911b50543755593e0fbb99a1c3eb859e1334f29831008b2a837
SHA512

4151264e8e096209ca285bb63253fb46bce45e3c28bbec54fd57983c71f2e9985115ffe3d5bbf303a3969d96db3bbd7fa1a75b57dd9bb893e5218977617315e5
SSDEEP

1536:fGW4RpTci5HWDIsIFZkKHo8khlWez5sJ7HdFObCJ7RRPm+GMC17o4j8:fN4nTZWDFIFidkeQHTObC75m+twj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d065a0963623911b50543755593e0fbb99a1c3eb859e1334f29831008b2a837

Files

1d065a0963623911b50543755593e0fbb99a1c3eb859e1334f29831008b2a837
.dll windows:6 windows x86 arch:x86

c01cc701289bacf6665495be5c3c4861

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\Release\foo_out_asio.pdb

Imports

kernel32

SetPriorityClass
GetTickCount
CreateProcessW
GetProcessHeap
DeleteCriticalSection
DecodePointer
GetOverlappedResult
HeapAlloc
ResetEvent
CancelIoEx
RaiseException
GetNativeSystemInfo
CloseHandle
GetLastError
CreateEventW
DuplicateHandle
GetCurrentThreadId
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
InitializeCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
CreateNamedPipeW
TerminateProcess
WriteFile
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
GetStdHandle
GetCurrentProcess
EnterCriticalSection
SetLastError
HeapFree
ReadFile
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
SetEvent
OutputDebugStringW
GetModuleHandleW
GetProcAddress
lstrlenW

user32

DialogBoxParamW
GetDlgItem
SetWindowLongW
LoadCursorW
SendDlgItemMessageW
RegisterClassW
PeekMessageW
SetTimer
DispatchMessageW
ShowWindow
TrackPopupMenu
MsgWaitForMultipleObjects
MessageBeep
UnregisterClassW
DestroyMenu
DrawEdge
FillRect
EnableWindow
EndDialog
SendMessageW
MessageBoxW
DestroyWindow
GetMessagePos
DefWindowProcW
CreateDialogParamW
GetWindowLongW
InvalidateRect
CreatePopupMenu
IsWindowEnabled
MapDialogRect
GetParent
GetClientRect
BeginPaint
EndPaint
GetSysColor
DrawTextW
GetWindowTextW

gdi32

SelectObject
SetTextColor
SetBkMode
GetTextExtentPoint32W
GetObjectW
DeleteObject
CreateFontIndirectW

ole32

CoCreateGuid

shared

_uGetDlgItemText@12
_uExceptFilterProc@4
_uFormatSystemErrorMessage@8
_ModalDialog_PokeExisting@0
_ModalDialog_CanCreateNew@0
_uAppendMenu@16
_uPrintCrashInfo_OnEvent@8
_uSendMessageText@16
_uBugCheck@0
_uSetDlgItemText@12
_GetInfiniteWaitEvent@0

vcruntime140

memset
_except_handler4_common
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
memcpy
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
memcmp
_except_handler3

api-ms-win-crt-heap-l1-1-0

_callnewh
_aligned_free
_aligned_realloc
_aligned_malloc
malloc
free
_expand
realloc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
terminate
_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-math-l1-1-0

__libm_sse2_pow
llround
lround

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c01cc701289bacf6665495be5c3c4861

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

shared

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

.movehcs
Size: 512B - Virtual size: 4KB