b4b899934c1817d44a81a352e88a7ff7ef93351df7f0d957ddc1a6427f9917f1

Sharing

Copy URL Twitter E-mail

General

Target

b4b899934c1817d44a81a352e88a7ff7ef93351df7f0d957ddc1a6427f9917f1
Size

420KB
MD5

b2dd95d2d7b95e91b6b43b91308edd05
SHA1

91d1e3717ab28567ab9f514b3ff6373ba46e48a7
SHA256

b4b899934c1817d44a81a352e88a7ff7ef93351df7f0d957ddc1a6427f9917f1
SHA512

99f48fb5d5be7e36a848c30231c54b08146524851721a7f12d9ba7d916f0ca9cad9e9438676fd23b32a37b2d9f6e3f7e586c6addba1c1fb56214a3223c9b6a7e
SSDEEP

12288:9DwoEMgAI4iKxncZVcWE4Bk0C77QnZtxq:9QCnvJ7EZtY

Score

N/A

Malware Config

Signatures

Files

b4b899934c1817d44a81a352e88a7ff7ef93351df7f0d957ddc1a6427f9917f1
.exe windows x86

870c8e626adde04f0a1d599844c05fa4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libgstreamer-0.10

gst_object_get_type
gst_element_factory_get_type
gst_object_unref
gst_pipeline_get_bus
gst_deinit
gst_init
gst_element_get_state
gst_util_get_timestamp
gst_plugin_load_file
gst_parse_launch
gst_registry_get_default
gst_element_set_state
gst_element_set_start_time
gst_pipeline_get_type
gst_bus_add_watch
gst_plugin_feature_list_free
gst_element_seek_simple
gst_registry_get_feature_list_by_plugin
gst_plugin_feature_get_type

ws2_32

bind
closesocket
__WSAFDIsSet
socket
recv
WSACleanup
shutdown
ntohs
htons
select
htonl
ntohl
WSAStartup
accept
listen
send
ioctlsocket
connect
inet_ntoa
gethostbyname

libglib-2.0-0

g_main_loop_quit
g_free
g_strdup_printf
g_main_loop_is_running
g_rand_new
g_rand_free
g_main_loop_run
g_rand_int_range
g_error_free
g_file_test_utf8
g_main_loop_new
g_timeout_add

libgobject-2.0-0

g_type_check_instance_cast
g_type_check_instance_is_a

libgthread-2.0-0

g_thread_init

msvcrt

_popen
isprint
fgets
_read
fread
fprintf
_vsnprintf
localtime
isdigit
strftime
_fileno
_iob
ferror
strrchr
toupper
strspn
_get_osfhandle
time
strcspn
realloc
fseek
getenv
isxdigit
_close
_fdopen
memset
memcpy
__getmainargs
_cexit
_exit
_XcptFilter
exit
_initterm
_amsg_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
isalnum
?terminate@@YAXXZ
_controlfp
_pipe
_wfopen
fflush
memchr
mktime
strchr
_strtoi64
malloc
_pclose
qsort
calloc
isspace
free
strncmp
memmove
sscanf
fputc
setbuf
fclose
atof
fwrite
fopen
atoi
strstr
strerror
sprintf
_errno
fgetc
tolower

kernel32

PulseEvent
FindFirstFileW
GetCurrentProcess
CreateDirectoryW
WaitForSingleObject
SetEvent
WideCharToMultiByte
LoadLibraryW
CreateEventA
GetFileAttributesW
CreateProcessA
TerminateProcess
MultiByteToWideChar
GetLastError
SetLastError
GetProcAddress
FindClose
WaitForMultipleObjects
CreateMutexA
FindNextFileW
GetFileAttributesExW
GetCurrentThreadId
DuplicateHandle
ReleaseMutex
CloseHandle
DeleteFileW
CreateThread
RtlUnwind
InterlockedExchange
InterlockedCompareExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 496KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

870c8e626adde04f0a1d599844c05fa4

Headers

DLL Characteristics

File Characteristics

Imports

libgstreamer-0.10

ws2_32

libglib-2.0-0

libgobject-2.0-0

libgthread-2.0-0

msvcrt

kernel32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 180KB - Virtual size: 180KB

.vmp0 Size: 192KB - Virtual size: 496KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 180KB - Virtual size: 180KB

.vmp0
Size: 192KB - Virtual size: 496KB