FinalMediaPlayer2011Setup[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

FinalMediaPlayer2011Setup.exe
Size

1.5MB
MD5

692bfe8315e74ba58210d23b9effbe22
SHA1

0369c7829fa4ad74e0014cd18351e30445f4722a
SHA256

247c0206304d865d14dfa3f80fb912d3925b9477f089214b3819ea7228eb9549
SHA512

c19804bb31547f26dfc56150119223bfa6bad0c85f0a306dba857d92fe36333cd7b3357e77b89a5a7ebabc7f05a75bfc91f10934b06423ff06e619ac997d4ce7
SSDEEP

24576:WIhRa9pf4JVo4rK5lpN/JLG4p5ECy1sN9cC9TJJfHdERDEbbHq:WBbf4hel3/A4n4+rTzDu

Score

N/A

Malware Config

Signatures

Files

FinalMediaPlayer2011Setup.exe
.exe windows x86

9408309336fd529c312445f0fedf7452

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:93:ad:65:df:71:bf:83:c8:88:24:20:f2:fe:0a:56
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

19/05/2009, 00:00

Not After

02/07/2011, 23:59

Subject

CN=W3i\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=W3i\, LLC,L=Sartell,ST=Minnesota,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d9:7e:c7:65:d2:94:db:5d:f9:9d:3e:7f:fc:8c:43:cc:b6:aa:39:6b
Signer

Actual PE Digest

d9:7e:c7:65:d2:94:db:5d:f9:9d:3e:7f:fc:8c:43:cc:b6:aa:39:6b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=W3i\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=W3i\, LLC,L=Sartell,ST=Minnesota,C=US

20/10/2022, 18:39
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

CreateFileW
GetFileAttributesW
FormatMessageW
LoadLibraryW
UnlockFileEx
GetDiskFreeSpaceW
UnlockFile
InterlockedCompareExchange
UnmapViewOfFile
MapViewOfFile
GetTempPathW
SetEvent
ResetEvent
CreateEventA
CreateFileMappingA
GetDiskFreeSpaceA
GetFileAttributesExW
DeleteFileW
AreFileApisANSI
ExitThread
CreateThread
GetFullPathNameW
LockFileEx
GetPrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
SystemTimeToFileTime
GetLocalTime
GetTickCount
WritePrivateProfileStringA
WaitForSingleObject
CreateMutexA
ReleaseMutex
SetUnhandledExceptionFilter
GetLastError
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
LockFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
RtlUnwind
GetStringTypeW
GetStringTypeA
RaiseException
FormatMessageA
GetModuleHandleA
LocalAlloc
lstrlenA
LocalFree
BeginUpdateResourceA
HeapAlloc
GetProcessHeap
UpdateResourceA
HeapFree
EndUpdateResourceA
LoadLibraryA
EnumResourceNamesA
EnumResourceLanguagesA
FreeLibrary
LoadLibraryExA
GetUserDefaultUILanguage
GetCurrentThreadId
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetSystemTime
GetTempFileNameA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
MoveFileA
GetModuleFileNameA
GetCurrentDirectoryA
GetFullPathNameA
MultiByteToWideChar
GetLongPathNameA
GetPrivateProfileSectionNamesA
CloseHandle
CreateProcessA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateProcess
GetExitCodeProcess
Module32First
Module32Next
GetProcAddress
GetCurrentProcessId
VirtualQuery
GetCurrentThread
GetCurrentProcess
FileTimeToSystemTime
GetTimeZoneInformation
CreateFileA
GetFileTime
FileTimeToLocalFileTime
GetFileSize
ReadFile
WriteFile
SetFilePointer
GetVersionExA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
ExpandEnvironmentStringsA
GlobalMemoryStatus
Sleep
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetStdHandle
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter

user32

GetWindowTextA
GetDlgItem
EnableWindow
SendMessageW
CreateWindowExA
GetClassInfoExA
RegisterClassExA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CallWindowProcA
DefWindowProcA
GetKeyboardState
CreatePopupMenu
DestroyMenu
AppendMenuA
TrackPopupMenu
GetDlgCtrlID
GetClientRect
AdjustWindowRectEx
OffsetRect
SetClassLongA
IsIconic
GetWindowTextLengthA
DrawIcon
ReleaseDC
SetDlgItemTextA
LoadAcceleratorsA
GetWindowLongA
MessageBoxA
GetSysColorBrush
MessageBoxExA
SendMessageA
IsWindow
SetWindowPos
SetTimer
KillTimer
GetWindowRect
IsWindowVisible
SetFocus
EndDialog
LoadIconA
PostQuitMessage
GetWindowThreadProcessId
GetForegroundWindow
CreateDialogParamA
DialogBoxParamA
GetSysColor
GetDesktopWindow
FindWindowA
GetShellWindow
SystemParametersInfoA
GetSystemMetrics
GetCursorPos
EnumChildWindows
GetClassNameA
IsWindowEnabled
EnumWindows
ShowWindow
SetForegroundWindow
LoadStringA
PostMessageA
SetWindowTextA
DestroyWindow
GetDC
UpdateWindow
WaitForInputIdle
SetWindowLongA
LoadCursorA
SetCursor
AttachThreadInput

shell32

Shell_NotifyIconA
ShellExecuteExA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoTaskMemAlloc
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoCreateInstance
OleInitialize
CoInitializeSecurity
OleUninitialize

psapi

GetModuleFileNameExA
EnumProcesses

userenv

ExpandEnvironmentStringsForUserA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetCrackUrlA
InternetCombineUrlA
InternetGetCookieA
InternetSetCookieA
InternetCloseHandle
InternetSetStatusCallback
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetErrorDlg
InternetReadFileExA
InternetOpenA

shlwapi

PathRenameExtensionA
PathFindExtensionA
PathCombineA
PathStripPathA
PathRemoveFileSpecA
PathIsDirectoryEmptyA
UrlEscapeA
SHDeleteEmptyKeyA

urlmon

IsValidURL

comdlg32

GetOpenFileNameA

advapi32

GetLengthSid
RegEnumValueA
RegEnumKeyExA
RevertToSelf
OpenProcessToken
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
SetTokenInformation
LookupPrivilegeValueA
DuplicateTokenEx
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RegOpenCurrentUser
RegOpenUserClassesRoot
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA

oleaut32

SafeArrayDestroy
SafeArrayUnaccessData
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString
SafeArrayCreateVector
SafeArrayAccessData

gdi32

SetBkColor

Sections

.text
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-fr
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-ti
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-de
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-de
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-ti
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-fr
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9408309336fd529c312445f0fedf7452

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

73:93:ad:65:df:71:bf:83:c8:88:24:20:f2:fe:0a:56Certificate

Extended Key Usages

Key Usages

d9:7e:c7:65:d2:94:db:5d:f9:9d:3e:7f:fc:8c:43:cc:b6:aa:39:6bSigner

Signature Validations

Verification

20/10/2022, 18:39 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

shell32

ole32

psapi

userenv

version

wininet

shlwapi

urlmon

comdlg32

advapi32

oleaut32

gdi32

Sections

.text Size: 362KB - Virtual size: 361KB

.text-co Size: 17KB - Virtual size: 17KB

.text-co Size: 90KB - Virtual size: 89KB

.text-co Size: 48KB - Virtual size: 48KB

.text-co Size: 18KB - Virtual size: 18KB

.text-co Size: 11KB - Virtual size: 10KB

.text-co Size: 34KB - Virtual size: 34KB

.text-fr Size: 34KB - Virtual size: 34KB

.text-co Size: 30KB - Virtual size: 29KB

.text-co Size: 55KB - Virtual size: 55KB

.text-co Size: 28KB - Virtual size: 27KB

.text-co Size: 10KB - Virtual size: 10KB

.text-co Size: 10KB - Virtual size: 10KB

.text-co Size: 25KB - Virtual size: 25KB

.text-co Size: 10KB - Virtual size: 9KB

.text-ti Size: 41KB - Virtual size: 40KB

.text-co Size: 9KB - Virtual size: 9KB

.text-de Size: 66KB - Virtual size: 66KB

.rdata Size: 225KB - Virtual size: 224KB

.data Size: 15KB - Virtual size: 24KB

.data-de Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 140B

.data-co Size: 512B - Virtual size: 44B

.data-co Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 40B

.data-ti Size: 1KB - Virtual size: 1KB

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 68B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-fr Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 20B

.rsrc Size: 359KB - Virtual size: 359KB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

73:93:ad:65:df:71:bf:83:c8:88:24:20:f2:fe:0a:56
Certificate

d9:7e:c7:65:d2:94:db:5d:f9:9d:3e:7f:fc:8c:43:cc:b6:aa:39:6b
Signer

20/10/2022, 18:39
Valid: false

.text
Size: 362KB - Virtual size: 361KB

.text-co
Size: 17KB - Virtual size: 17KB

.text-co
Size: 90KB - Virtual size: 89KB

.text-co
Size: 48KB - Virtual size: 48KB

.text-co
Size: 18KB - Virtual size: 18KB

.text-co
Size: 11KB - Virtual size: 10KB

.text-co
Size: 34KB - Virtual size: 34KB

.text-fr
Size: 34KB - Virtual size: 34KB

.text-co
Size: 30KB - Virtual size: 29KB

.text-co
Size: 55KB - Virtual size: 55KB

.text-co
Size: 28KB - Virtual size: 27KB

.text-co
Size: 10KB - Virtual size: 10KB

.text-co
Size: 10KB - Virtual size: 10KB

.text-co
Size: 25KB - Virtual size: 25KB

.text-co
Size: 10KB - Virtual size: 9KB

.text-ti
Size: 41KB - Virtual size: 40KB

.text-co
Size: 9KB - Virtual size: 9KB

.text-de
Size: 66KB - Virtual size: 66KB

.rdata
Size: 225KB - Virtual size: 224KB

.data
Size: 15KB - Virtual size: 24KB

.data-de
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 140B

.data-co
Size: 512B - Virtual size: 44B

.data-co
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 40B

.data-ti
Size: 1KB - Virtual size: 1KB

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 68B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-fr
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 20B

.rsrc
Size: 359KB - Virtual size: 359KB