Windows Analysis Report
SpotifyWidgetProvider.exe

Overview

General Information

Sample name: SpotifyWidgetProvider.exe
Analysis ID: 1529303
MD5: 96d69dea15c182edbbb8bd178e063959
SHA1: 392e8fe31010daf9ef6b648d0f3d67d43c4ef87d
SHA256: fac4407a29441b55b19390114468ca109fa7eb081f14ec829fad386aa10b5263
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: %1 is not a valid Win32 application.

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

PE file contains an invalid checksum
PE file contains sections with non-standard names
PE file overlay found

Classification

Source: SpotifyWidgetProvider.exe Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Binary string: SpotifyWidgetProvider.pdbA source: SpotifyWidgetProvider.exe
Source: Binary string: SpotifyWidgetProvider.pdb source: SpotifyWidgetProvider.exe
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://adaptivecards.io/schemas/adaptive-card.json
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://clienttoken.spotify.com/v1/clienttoken
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://clienttoken.spotify.com/v1/clienttokenapplication/x-protobuf
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://spclient.wg.spotify.com/
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://spclient.wg.spotify.com/application/x-protobufContent-Type
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://spclient.wg.spotify.com/gabo-receiver-service
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://spclient.wg.spotify.com/user-customization-service/v1/customize
Source: SpotifyWidgetProvider.exe String found in binary or memory: https://widget-content.spotify.com/v2/layouthttps://widget-content.spotify.com/v1/datahttps://widget
PE file overlay found
Source: SpotifyWidgetProvider.exe Static PE information: Data appended to the last section found
Source: classification engine Classification label: unknown1.winEXE@0/0@0/0
Source: SpotifyWidgetProvider.exe String found in binary or memory: -startupsend
Source: SpotifyWidgetProvider.exe String found in binary or memory: 0123456789ABCDEFcppEvent sender failed to serialize context data for context %s-nopersistence-rl-sendinterval.0s-essopt-startupsend-onlinesend-bgsend-bcdsend-modern-payloadkB-batch-lmdbwindows
Source: SpotifyWidgetProvider.exe Static PE information: Virtual size of .text is bigger than: 0x100000
Source: SpotifyWidgetProvider.exe Static PE information: Image base 0x140000000 > 0x60000000
Source: SpotifyWidgetProvider.exe Static file information: File size 3145728 > 1048576
Source: SpotifyWidgetProvider.exe Static PE information: Raw size of .text is bigger than: 0x100000 < 0x253e00
Source: SpotifyWidgetProvider.exe Static PE information: Raw size of .data is bigger than: 0x100000 < 0x611600
Source: SpotifyWidgetProvider.exe Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: SpotifyWidgetProvider.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: SpotifyWidgetProvider.pdbA source: SpotifyWidgetProvider.exe
Source: Binary string: SpotifyWidgetProvider.pdb source: SpotifyWidgetProvider.exe
PE file contains an invalid checksum
Source: SpotifyWidgetProvider.exe Static PE information: real checksum: 0x90d7ba should be: 0x30aa19
PE file contains sections with non-standard names
Source: SpotifyWidgetProvider.exe Static PE information: section name: _RDATA

No Screenshots

No Behavior Graph

No contacted IP infos