671341f89707aeb85bb7ca09533bb28faca735242ac10423e7a0cde3a98499d5

Sharing

Copy URL Twitter E-mail

General

Target

671341f89707aeb85bb7ca09533bb28faca735242ac10423e7a0cde3a98499d5
Size

2.6MB
MD5

087ae4aa1bb00efbc208f20174e887d7
SHA1

e64292645cdd20d2bbbe02f71b99ac5eabed4df2
SHA256

671341f89707aeb85bb7ca09533bb28faca735242ac10423e7a0cde3a98499d5
SHA512

4551aefa14383426fad8d7bd0101173e8885cff923377aef8bb571715e9706f72b2b31ad994c96685a64f0bfa51ee0b4609a4cbd18071f49fc1a1b8203611842
SSDEEP

49152:zFltg3I3s9UAK0NxkLQzAZNY5RK+P/o+arARDKpv7GrCYUa:hlJ3smicLY5RK+P/oARo7Gr3Ua

Score

N/A

Malware Config

Signatures

Files

671341f89707aeb85bb7ca09533bb28faca735242ac10423e7a0cde3a98499d5
.dll regsvr32 windows x86

8a85ef5ee3e61e9f09293dd48f98b19c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

fmmediaformats

?av_open_close_cs@@3U_RTL_CRITICAL_SECTION@@A
?call_stack_cs@@3U_RTL_CRITICAL_SECTION@@A
?call_storages_num@@3IA
?call_info_storage@@3PAUCallInfoStorage@@A
?global_tmp@@3HA

id3lib

??0ID3_Frame@@QAE@W4ID3_FrameID@@@Z
?AttachFrame@ID3_Tag@@QAE_NPAVID3_Frame@@@Z
?Update@ID3_Tag@@QAEGG@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
??1ID3_Tag@@UAE@XZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
??1ID3_Frame@@UAE@XZ
?Link@ID3_Tag@@QAEIPBDG@Z
??0ID3_Tag@@QAE@PBD@Z

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

WideCharToMultiByte
GetEnvironmentVariableA
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
LoadLibraryW
GetLastError
SetEvent
WaitForSingleObject
ResetEvent
lstrlenW
CreateEventW
InterlockedDecrement
Sleep
CloseHandle
CreateDirectoryW
GetVersionExW
GetModuleFileNameW
RaiseException
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
ExitThread
InterlockedExchange
CreateThread
GetTickCount
GetTempPathW
LockResource
EnterCriticalSection
GetSystemInfo
DeleteFileA
SetFileAttributesA
SetThreadLocale
GetThreadLocale
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
LeaveCriticalSection
GetModuleHandleW
GetProcAddress
GetProcessHeap
EncodePointer
DecodePointer
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrlenA
LocalFree
LocalAlloc
LoadLibraryA
WriteFile
DeleteFileW
CreateFileW
FindResourceExW
GetCurrentThreadId
CreateSemaphoreW
SignalObjectAndWait
ReleaseSemaphore
ResumeThread
GetThreadPriority
WaitForMultipleObjects
SetThreadPriority
GetFileSizeEx
ReadFile
GetSystemTime
SetLastError
GetLocalTime
GetEnvironmentVariableW
GetTempFileNameW
SetThreadAffinityMask
GetCurrentThread
GetProcessAffinityMask
InterlockedExchangeAdd
GetComputerNameA
HeapDestroy

user32

wsprintfW
CharNextW
EnumDisplayDevicesA

advapi32

GetTraceLoggerHandle
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
GetTraceEnableFlags
RegDeleteValueW
TraceEvent
UnregisterTraceGuids
GetTraceEnableLevel
RegisterTraceGuidsW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

shell32

SHFileOperationW
SHGetFolderPathW

ole32

CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
OleRun
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc

oleaut32

VariantCopy
RegisterTypeLi
UnRegisterTypeLi
VariantClear
VariantInit
SysAllocStringLen
VarBstrCmp
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo

msvcp100

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?id@?$codecvt@DDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Xout_of_range@std@@YAXPBD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Xfunc@tr1@std@@YAXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
??1_Container_base12@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ

avcodec-54

av_destruct_packet
av_dup_packet
av_frame_get_channels
av_free_packet
av_get_bits_per_sample
av_init_packet
av_lockmgr_register
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_encode_audio2
avcodec_encode_video2
avcodec_find_decoder
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_free_frame
avcodec_get_context_defaults3
avcodec_open2
avcodec_register_all
avpicture_fill
avpicture_free
avpicture_get_size

avformat-54

av_guess_format
av_interleaved_write_frame
av_register_all
av_write_trailer
avformat_alloc_context
avformat_free_context
avformat_new_stream
avformat_write_header
avio_close
avio_open

avutil-52

av_calloc
av_dict_set
av_dynarray_add
av_free
av_freep
av_get_bytes_per_sample
av_get_default_channel_layout
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_opt_get_int
av_opt_set
av_opt_set_int
av_rescale
av_rescale_q
av_sample_fmt_is_planar
av_samples_alloc

swscale-2

sws_freeContext
sws_getContext
sws_scale

msvcr100

_CIpow
_CIatan
_time32
_localtime32
wprintf
ceil
_CIlog
fopen
_wfopen
rand
puts
floor
perror
_resetstkoflw
feof
wcstombs
_iob
asctime
_ftol
fscanf
srand
_CIlog10
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_CIsqrt
_initterm
_encoded_null
_malloc_crt
_except_handler4_common
?terminate@@YAXXZ
_vsnprintf
_onexit
_lock
__dllonexit
_unlock
_wcsnicmp
wcscat_s
_wmkdir
_wgetcwd
_wchdir
_wcsicmp
_wtoi64
_wtoi
iswspace
memmove_s
wmemcpy_s
_vsnwprintf
_wcslwr_s
wcsncpy_s
??3@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
__CxxFrameHandler3
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
memmove
memcpy
memset
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
fgetc
fputc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
exit
_snprintf
printf
??_V@YAXPAX@Z
strstr
strcpy_s
toupper
malloc
free
_purecall
calloc
_recalloc
wcsstr
_vscwprintf
vswprintf_s
fprintf
fprintf_s
printf_s
_wremove
_filelength
_wfopen_s
wcscpy_s
sprintf_s
vsprintf_s
_wsplitpath_s
isprint

gdi32

StretchDIBits

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 191KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_DATA
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a85ef5ee3e61e9f09293dd48f98b19c

Headers

DLL Characteristics

File Characteristics

Imports

fmmediaformats

id3lib

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp100

avcodec-54

avformat-54

avutil-52

swscale-2

msvcr100

gdi32

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

RT_CODE Size: 28KB - Virtual size: 27KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 191KB - Virtual size: 272KB

RT_DATA Size: 1024B - Virtual size: 912B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 41KB - Virtual size: 41KB

.text Size: 100KB - Virtual size: 100KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 2.1MB - Virtual size: 2.1MB

RT_CODE
Size: 28KB - Virtual size: 27KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 191KB - Virtual size: 272KB

RT_DATA
Size: 1024B - Virtual size: 912B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 41KB - Virtual size: 41KB

.text
Size: 100KB - Virtual size: 100KB

.text
Size: 100KB - Virtual size: 100KB