2031b8ec6d1f052926a2210cdadc5ccbff1564e89d4479bc5a54d48b716e3525

Sharing

Copy URL Twitter E-mail

General

Target

2031b8ec6d1f052926a2210cdadc5ccbff1564e89d4479bc5a54d48b716e3525
Size

175KB
MD5

cb871efdf4b40ac7f51ae8f0e2ae85e9
SHA1

b6f3b421295442fb506114bb5a56b54c6db5eaf2
SHA256

2031b8ec6d1f052926a2210cdadc5ccbff1564e89d4479bc5a54d48b716e3525
SHA512

9777868f5d61ddc46ebe03e70ea8a5a55219377a9247fbea963af12a88f5373aa266c8e8efd7e4da03509350fa607a6b7b153f09f3aa4b284c3d57c85d205c4c
SSDEEP

3072:vWYVxszyJZ3jtQ5KSMNZOpQvyryu9DPmr/JtqJdMCmoK7R2O:VxtJttQoB2QvMyu9bAJovMdd2O

Score

N/A

Malware Config

Signatures

Files

2031b8ec6d1f052926a2210cdadc5ccbff1564e89d4479bc5a54d48b716e3525
.dll windows x86

c43e571b0882253cc7759d63d2bb6037

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avutil-54

av_free
av_malloc
av_samples_get_buffer_size

avcodec-56

audio_resample
audio_resample_close
av_audio_resample_init
av_init_packet
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio4
avcodec_find_decoder
avcodec_free_frame
avcodec_get_frame_defaults
avcodec_open2
avcodec_register_all

avformat-56

av_register_all

msvcr110

??_V@YAXPAX@Z
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
??_U@YAPAXI@Z
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
?terminate@@YAXXZ
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
memmove
??1exception@std@@UAE@XZ
_purecall
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
_CxxThrowException
__CxxDetectRethrow
__CxxUnregisterExceptionObject
strcpy_s
_cexit
__FrameUnwindFilter
ceil
__CxxFrameHandler3
memcpy
memset
free
?__ExceptionPtrCopy@@YAXPAXPBX@Z

msvcp110

?_Orphan_all@_Container_base0@std@@QAEXXZ
??0_Container_base12@std@@QAE@XZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??0id@locale@std@@QAE@I@Z
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z

kernel32

DisableThreadLibraryCalls
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
InitializeCriticalSection
IsProcessorFeaturePresent
QueryPerformanceCounter
DecodePointer
EncodePointer
IsDebuggerPresent

playctrl

PlayM4_InputVideoData
PlayM4_Stop
PlayM4_GetPort
PlayM4_Play
PlayM4_InputAudioData
PlayM4_FreePort
PlayM4_SetStreamOpenMode
PlayM4_SetDecCallBackMend
PlayM4_OpenStreamEx
PlayM4_CloseStreamEx

mscoree

_CorDllMain

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.odata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c43e571b0882253cc7759d63d2bb6037

Headers

DLL Characteristics

File Characteristics

Imports

avutil-54

avcodec-56

avformat-56

msvcr110

msvcp110

kernel32

playctrl

mscoree

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.odata Size: 2KB - Virtual size: 1KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB

.odata
Size: 2KB - Virtual size: 1KB