ADM_audioParser6[.]dll

Resubmissions

21-12-2024 14:40

241221-r1w1ea1nbw 3

Sharing

Copy URL

Twitter E-mail

General

Target

ADM_audioParser6.dll
Size

67KB
MD5

1d2738bd627e2db69b2943d7a7be5dca
SHA1

a81c523af8c113c99f9b6e9db946ce04df5f8d3d
SHA256

1fb19ed61f6d0c46c5c66b859c90c5188896c75bba5c47bb6027e0d2facb435a
SHA512

d3feeb13fbc81b6024d03835aae31772843e9d4cbb04a9ee70e7aee33a32babc80189432e515b8344efbd3b3bb8604e197f70274739b30afead91c4ed049e67d
SSDEEP

768:Yj/czaIFc5TwvimvrIlmo4Pn5NAlIju0Ytz:MkzaF5kviWrIEo4Pn5NJOz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ADM_audioParser6.dll

Files

ADM_audioParser6.dll
.dll windows:6 windows x64 arch:x64

5dc5137592caca9f48f5d62830b1e3e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\jenkins\workspace\VS2019_no_import\buildCore\ADM_coreAudioParser\src\RelWithDebInfo\ADM_audioParser6.pdb

Imports

adm_coreutils6

?getConsumedBits@getBits@@QEAAHXZ
??0getBits@@QEAA@AEBV0@@Z
??0getBits@@QEAA@HPEAE@Z
?skip@getBits@@QEAAHH@Z
?get@getBits@@QEAAHH@Z
?show@getBits@@QEAAHH@Z
??1getBits@@QEAA@XZ
?align@getBits@@QEAAXXZ

avutil-56

av_get_channel_layout_nb_channels

adm_core6

ADM_dezalloc
ADM_backTrack
myAdmMemcpy
ADM_error2
ADM_alloc
ADM_warning2

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__std_type_info_destroy_list
memset
_CxxThrowException
memmove
__C_specific_handler
__current_exception
__std_exception_copy
__std_exception_destroy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm
_initterm_e
_seh_filter_dll
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

kernel32

GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

??0ADM_adts2aac@@QEAA@AEBV0@@Z
??0ADM_adts2aac@@QEAA@XZ
??0ADM_latm2aac@@QEAA@AEBV0@@Z
??0ADM_latm2aac@@QEAA@XZ
??1ADM_adts2aac@@QEAA@XZ
??1ADM_latm2aac@@QEAA@XZ
??4ADM_adts2aac@@QEAAAEAV0@AEBV0@@Z
??4ADM_latm2aac@@QEAAAEAV0@AEBV0@@Z
?ADM_AC3GetInfo@@YAEPEBEIPEAI111@Z
?ADM_DCAGetInfo@@YA_NPEAEIPEAUADM_DCA_INFO@@PEAI_N@Z
?ADM_EAC3GetInfo@@YA_NPEBEIPEAIPEAUADM_EAC3_INFO@@PEA_N@Z
?ADM_a52_syncinfo@@YAHPEBEPEAH11@Z
?ADM_getAacInfoFromConfig@@YA_NHPEAEAEAUAacAudioInfo@@@Z
?AudioSpecificConfig@ADM_latm2aac@@AEAA_NAEAVgetBits@@AEAH@Z
?addData@ADM_adts2aac@@QEAA_NHPEBE@Z
?convert2@ADM_adts2aac@@QEAA?AW4ADTS_STATE@1@HPEBEPEAHPEAE@Z
?convert@ADM_latm2aac@@QEAA?AW4LATM_STATE@1@_K@Z
?demuxLatm@ADM_latm2aac@@AEAA_N_KPEAEI@Z
?empty@ADM_latm2aac@@QEAA_NXZ
?flush@ADM_latm2aac@@QEAA_NXZ
?getAACFrame@ADM_adts2aac@@QEAA?AW4ADTS_STATE@1@PEAHPEAE0@Z
?getChannels@ADM_adts2aac@@QEAAHXZ
?getChannels@ADM_latm2aac@@QEAAHXZ
?getData@ADM_latm2aac@@QEAA_NPEA_KPEAIPEAEI@Z
?getExtraData@ADM_adts2aac@@QEAA_NPEAIPEAPEAE@Z
?getExtraData@ADM_latm2aac@@QEAA_NPEAIPEAPEAE@Z
?getFrequency@ADM_adts2aac@@QEAAHXZ
?getFrequency@ADM_latm2aac@@QEAAHXZ
?getMpegFrameInfo@@YAEPEBEIPEAUMpegAudioInfo@@1PEAI@Z
?pushData@ADM_latm2aac@@QEAA_NHPEAE@Z
?readAudioMux@ADM_latm2aac@@AEAA_N_KAEAVgetBits@@@Z
?readPayload@ADM_latm2aac@@AEAA_NAEAVgetBits@@_KH@Z
?readPayloadInfoLength@ADM_latm2aac@@AEAAHAEAVgetBits@@@Z
?readStreamMuxConfig@ADM_latm2aac@@AEAA_NAEAVgetBits@@@Z
?reset@ADM_adts2aac@@QEAA_NXZ

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

5dc5137592caca9f48f5d62830b1e3e4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

adm_coreutils6

avutil-56

adm_core6

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 4KB

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 433B

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 4KB

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 433B