4ebbcfe4d6aeff1bd4cdccd76cd8b8172ab4c1501277a85a847a2a4c7d217ae8

Sharing

Copy URL

Twitter E-mail

General

Target

4ebbcfe4d6aeff1bd4cdccd76cd8b8172ab4c1501277a85a847a2a4c7d217ae8
Size

465KB
MD5

63c5f99af4ad0fa9e660675a5b57f190
SHA1

b74f751f7e3e801477fa9447627fdf08c7ce9c4b
SHA256

4ebbcfe4d6aeff1bd4cdccd76cd8b8172ab4c1501277a85a847a2a4c7d217ae8
SHA512

299f09cb688c68db197ddcd654c4761b9831a909fbba42066bb8629eb0dca614dd84de5fb44bf4814825b381c0e69e8b9f015b4dd3c52db675c47179c4b97ba4
SSDEEP

3072:qyFrUKDOWlbJIYnwfph05UJHoEAXc0ZbOpTrzux6n62/y+WBwl51G5+nzsZ1MPIQ:FUvQbxwpaXc0JOpThn6ouwl51tnzMq1t

Score

N/A

Malware Config

Signatures

Files

4ebbcfe4d6aeff1bd4cdccd76cd8b8172ab4c1501277a85a847a2a4c7d217ae8
.dll windows x86

b43fc70536ace947ba80ae84cc6f3001

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mediainfo

MFICreate
MFIClone
MFIAddProgram
MFIAddStream
MFIRelease

demuxmgr

WSDemuxDestroy
WSDemuxSeek
AVGetFileInfoSupportCount
WSDemuxGetBlock
AVGetFileInfoSupportItem
WSDemuxGetExtraData
WSDemuxCreate
WSDemuxGetMaxBlockSize

kernel32

TlsSetValue
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
LCMapStringW
LCMapStringA
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
GetLastError
HeapFree
HeapAlloc
MultiByteToWideChar
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
GetModuleHandleA
TlsFree
SetLastError
Sleep
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
SetStdHandle
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

oleaut32

SysAllocString

Exports

Exports

GetDemuxInfoArray
GetFileInfoSupport

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 357KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b43fc70536ace947ba80ae84cc6f3001

Headers

File Characteristics

Imports

mediainfo

demuxmgr

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text Size: 357KB - Virtual size: 360KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 357KB - Virtual size: 360KB