73ee1ca608dcba0bb76cc107494515d5708e7141b6bcac82f190902116128eab

Sharing

Copy URL

Twitter E-mail

General

Target

73ee1ca608dcba0bb76cc107494515d5708e7141b6bcac82f190902116128eab
Size

227KB
MD5

40235733fa262eaec5b7f4e8f5b5aab0
SHA1

8691057e61b4b335ae3f697af7f8dbe566e3f123
SHA256

73ee1ca608dcba0bb76cc107494515d5708e7141b6bcac82f190902116128eab
SHA512

dcea2ee71869fd0cfb53abd88ee63ae3d7f6a02d65d967f7f33b2b77eb34a61779a2d164dec76c2ea2aeb14b5a18467e72042d7714d13ae654588b5296fbd384
SSDEEP

6144:VnrlXiTmXMlniAhAnOkHdHltCbt63jXS:1lXiHiAhAddHl+6TC

Score

N/A

Malware Config

Signatures

Files

73ee1ca608dcba0bb76cc107494515d5708e7141b6bcac82f190902116128eab
.dll windows x86

0d2c00798e339795b193284ac2041a4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
LocalFree
LoadLibraryA
GetProcAddress
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer

amf-core-windesktop32

AMFVariantChangeType
AMFVariantClear
AMFVariantAssignInterface
AMFVariantAssignSize
AMFVariantInit
_amf_alloc@4
??_7AMFPropertyStorageEx@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6BAMFInterface@1@@
??0AMFPropertyStorageEx@amf@@QAE@XZ
?RemoveObserver@AMFPropertyStorageExImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageExImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?SetProperty@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?RemoveObserver@AMFPropertyStorageImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?QueryInterface@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@ABUAMFGuid@2@PAPAX@Z
?IID@AMFPropertyStorageEx@amf@@SA?BUAMFGuid@2@XZ
??1AMFPropertyStorageEx@amf@@UAE@XZ
??4AMFPropertyInfoImpl@amf@@QAEAAV01@ABV01@@Z
??0AMFPropertyInfoImpl@amf@@QAE@PB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22_NPBUAMFEnumDescriptionEntry@1@@Z
??0AMFPropertyInfoImpl@amf@@QAE@XZ
??0AMFPropertyInfoImpl@amf@@QAE@ABV01@@Z
AMFVariantAssignBool
AMFVariantAssignRate
?Clear@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@XZ
?AddTo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N1@Z
?CopyTo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N@Z
?HasProperty@AMFPropertyStorageExImpl@amf@@UBG_NPB_W@Z
?GetPropertyCount@AMFPropertyStorageExImpl@amf@@UBGHXZ
?GetPropertyAt@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@HPA_WIPAUAMFVariantStruct@2@@Z
?GetPropertiesInfoCount@AMFPropertyStorageExImpl@amf@@UBGIXZ
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAPBUAMFPropertyInfo@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@IPAPBUAMFPropertyInfo@2@@Z
?ValidateProperty@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@PAU42@@Z
?RegisterProperties@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@PAVAMFPropertyInfoImpl@2@I@Z
?SetPrivateProperty@AMFPropertyStorageExImpl@amf@@IAE?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?amf_string_formatVA@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WPAD@Z
?AMFTextureArrayIndexGUID@amf@@YGABU_GUID@@XZ
??0AMFPropertyStorageImpl@amf@@QAE@XZ
??1AMFPropertyStorageImpl@amf@@UAE@XZ
?SetProperty@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?GetProperty@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?HasProperty@AMFPropertyStorageImpl@amf@@UBG_NPB_W@Z
?GetPropertyCount@AMFPropertyStorageImpl@amf@@UBGHXZ
?GetPropertyAt@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@HPA_WIPAUAMFVariantStruct@2@@Z
?Clear@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@XZ
?AddTo@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N1@Z
?CopyTo@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N@Z
?OnPropertyChanged@AMFPropertyStorageImpl@amf@@UAGXPB_W@Z
AMFVariantCopy
?Get@AMFPerformanceMonitor@amf@@SGAAV12@XZ
?AMFGetResultText@amf@@YGPB_WW4AMF_RESULT@@@Z
??1AMFPropertyInfoImpl@amf@@UAE@XZ
??0AMFLock@amf@@QAE@PAVAMFSyncBase@1@K@Z
??1AMFLock@amf@@QAE@XZ
_amf_atomic_dec@4
AMFCreateComponent
_amf_atomic_inc@4
??_7AMFPropertyStorageEx@amf@@6BAMFPropertyStorage@1@@
_amf_free@4
??1AMFIOCapsImpl@amf@@UAE@XZ
?Acquire@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?Release@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?RefCount@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?QueryInterface@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAG?AW4AMF_RESULT@@ABUAMFGuid@2@PAPAX@Z
??0AMFIOCapsImpl@amf@@IAE@XZ
?GetWidthRange@AMFIOCapsImpl@amf@@UBGXPAH0@Z
?GetHeightRange@AMFIOCapsImpl@amf@@UBGXPAH0@Z
?GetVertAlign@AMFIOCapsImpl@amf@@UBGHXZ
?GetNumOfFormats@AMFIOCapsImpl@amf@@UBGHXZ
?GetFormatAt@AMFIOCapsImpl@amf@@UBG?AW4AMF_RESULT@@HPAW4AMF_SURFACE_FORMAT@2@PA_N@Z
?GetNumOfMemoryTypes@AMFIOCapsImpl@amf@@UBGHXZ
?GetMemoryTypeAt@AMFIOCapsImpl@amf@@UBG?AW4AMF_RESULT@@HPAW4AMF_MEMORY_TYPE@2@PA_N@Z
?IsInterlacedSupported@AMFIOCapsImpl@amf@@UBG_NXZ
?SetResolution@AMFIOCapsImpl@amf@@IAEXHHHH@Z
?amf_string_format@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WZZ
??0AMFCriticalSection@amf@@QAE@XZ
??1AMFCriticalSection@amf@@UAE@XZ
AMFTraceW
??0AMFPropertyStorageExImpl@amf@@QAE@XZ
??1AMFPropertyStorageExImpl@amf@@UAE@XZ
AMFVariantAssignInt64
?GetProperty@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?SetVertAlign@AMFIOCapsImpl@amf@@IAEXH@Z
?PopulateSurfaceFormats@AMFIOCapsImpl@amf@@IAEXHPBW4AMF_SURFACE_FORMAT@2@_N@Z
?PopulateMemoryTypes@AMFIOCapsImpl@amf@@IAEXHPBW4AMF_MEMORY_TYPE@2@_N@Z
?OnPropertyChanged@AMFPropertyStorageExImpl@amf@@UAGXPB_W@Z

msvcp110

?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr110

_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
_initterm_e
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
printf
calloc
free
_vswprintf_c_l
wcsncpy
swscanf
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
memmove
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
memset
_CxxThrowException
__CxxFrameHandler3
__crtTerminateProcess
memcpy

Exports

Exports

AMFCreateComponentInt

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d2c00798e339795b193284ac2041a4b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

amf-core-windesktop32

msvcp110

msvcr110

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB

.rmnet
Size: 56KB - Virtual size: 60KB