8a4b3aacf8b9dfafc089dd7718fa4b3432b569caa8ff3502ba062cf0c246c0ffN

Sharing

Copy URL Twitter E-mail

General

Target

8a4b3aacf8b9dfafc089dd7718fa4b3432b569caa8ff3502ba062cf0c246c0ffN
Size

46KB
MD5

c0434446b773862814f87a16c040f3c0
SHA1

2f3e3b8fd7e9496ed3a2c80d212bc2eabeff7fc9
SHA256

8a4b3aacf8b9dfafc089dd7718fa4b3432b569caa8ff3502ba062cf0c246c0ff
SHA512

c5406b26dd5e6f6097ff869ffc24d125c4a9fe8269853cce07adc16919bfe249d5087d41a47028b39c53253c891be8b261d47d64345cf22c0f9990976ca87829
SSDEEP

768:pChQm4fkMt9a0uyWZMtcGlT/XikVqlP/AokORsYtJa7FDYWYqOW1X9Y+ELA6Nahq:w8uZ+hPi5sY27FrYqO2X9YnA6NaY3FQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4b3aacf8b9dfafc089dd7718fa4b3432b569caa8ff3502ba062cf0c246c0ffN

Files

8a4b3aacf8b9dfafc089dd7718fa4b3432b569caa8ff3502ba062cf0c246c0ffN
.dll windows:6 windows x64 arch:x64

53f21b2bdbada350056e003a1240fd4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

out_notsodirect.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileStructW
CreateEventW
GetTickCount64
SetEvent
WaitForSingleObjectEx
CloseHandle
SleepEx
MulDiv
GetPrivateProfileStructW
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryExA
GetProcAddress
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead

user32

GetDlgItem
GetClientRect
GetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
IsWindow
GetWindowLongPtrW
SendMessageW
SetWindowLongPtrW
SetWindowPos
PostMessageW
CheckDlgButton
SetDlgItemInt

winamp

ord2
ord40
ord1023
ord662
ord1095
ord1032
ord1027
ord1127
ord1
ord170
ord455
ord444
ord266
ord659
ord581
ord620
ord1176
ord213
ord387
ord490
ord1290
ord252
ord1010
ord138
ord1281
ord1286
ord462
ord1094
ord251
ord286
ord1038

vcruntime140

memset
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table

Exports

Exports

winampGetOutModeChange
winampGetOutModule
winampGetOutPrefs
winampUninstallPlugin

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53f21b2bdbada350056e003a1240fd4b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

winamp

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.didat Size: 512B - Virtual size: 24B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 112B

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.didat
Size: 512B - Virtual size: 24B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 112B