Static task
static1
Behavioral task
behavioral1
Sample
4d92ce889dafe1733c3807c902a351a103b13a74d1455d7da2558d35ada2d1d8.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4d92ce889dafe1733c3807c902a351a103b13a74d1455d7da2558d35ada2d1d8.exe
Resource
win10v2004-20220812-en
General
-
Target
4d92ce889dafe1733c3807c902a351a103b13a74d1455d7da2558d35ada2d1d8
-
Size
2.3MB
-
MD5
08ce3593779c42078becf5b060aa9070
-
SHA1
eff8ed81f5a10b3f6fbd4f2a2ed2071a29b9cacd
-
SHA256
4d92ce889dafe1733c3807c902a351a103b13a74d1455d7da2558d35ada2d1d8
-
SHA512
83ac81c7342fc050bb3f21512dbc9dfeff8319f1281dea69b479951a95592e87e2d3f078845ce47332b5adae5e12a36803e608418836aa11a4fe74f35b19dd9e
-
SSDEEP
49152:jI/1C6A+tmKsHCXrs5tiTRbYZwyokteFCMn:csLHCidlt1Mn
Malware Config
(no extracted configuration shown on this page)
Signatures
(no signature hits shown on this page — absence of listed signatures is not evidence the sample is benign; treat it as unclassified)
Files
-
4d92ce889dafe1733c3807c902a351a103b13a74d1455d7da2558d35ada2d1d8.exe windows x86
08443e5b512ce3ed0eea39b4c2974f66
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: DYNAMIC_BASE and NX_COMPAT are not set and relocations are stripped, so the image cannot be rebased by ASLR and DEP depends on system policy rather than an opt-in in the binary; this is worth noting if the sample is assessed for exploitability or mitigation coverage.
Imports
trencoder
ord2
ord3
ord4
ord1
trmediainfo
ord2
trplayer
?DestroyITRPlayer@@YAXPAVITRPlayer@@@Z
?CreateITRPlayer@@YAPAVITRPlayer@@XZ
videoeffects
?DestroyIvideoeffects@@YAXPAVIvideoeffects@@@Z
?CreateIvideoeffects@@YAPAVIvideoeffects@@XZ
trsubreader
CreateITRSubBlender
trmediaprofiles
?get_vcodec_param@tr_mediaprofileset@@QAEAAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@Vvcodec_param@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@Vvcodec_param@@@std@@@2@@std@@XZ
?get_value@vcodec_param@@QAEPB_WPB_W@Z
?has_vcodec@tr_mediaprofile@@QAE_NXZ
?get_acodec_value@tr_mediaprofile@@QAEPB_WPB_W@Z
?get_vcodec_value@tr_mediaprofile@@QAEPB_WPB_W@Z
??1tr_mediaprofileset@@QAE@XZ
?get_main@tr_mediaprofileset@@QAEAAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@std@@@2@@std@@XZ
?tkv_get_value@@YAPB_WAAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@std@@@2@@std@@PB_W@Z
?load@tr_mediaprofileset@@QAE_NPB_W@Z
??0tr_mediaprofileset@@QAE@XZ
?save@tr_mediaprofileset@@QAE_NPB_W@Z
?get_nr@vcodec_param@@QAEPB_WPB_W0@Z
?get_value@tr_mediaprofile@@QAEPB_WPB_W@Z
?find_profile@tr_mediaprofileset@@QAEPAVtr_mediaprofile@@PB_W@Z
?get_profiles@tr_mediaprofileset@@QAEAAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@Vtr_mediaprofile@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@Vtr_mediaprofile@@@std@@@2@@std@@XZ
??1tr_mediaprofile@@QAE@XZ
??0tr_mediaprofile@@QAE@XZ
??0tr_mediaprofile@@QAE@ABV0@@Z
?has_acodec@tr_mediaprofile@@QAE_NXZ
?set_acodec_value@tr_mediaprofile@@QAEHPB_W0@Z
?set_vcodec_value@tr_mediaprofile@@QAEHPB_W0@Z
?add_profile@tr_mediaprofileset@@QAE_NAAVtr_mediaprofile@@@Z
?remove_profile@tr_mediaprofileset@@QAE_NPB_W@Z
?find_audio_channels@tr_mediaprofileset@@QAEPAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$pair@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@2@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$pair@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@2@@std@@@2@@std@@PB_W00@Z
?clone_profile@tr_mediaprofileset@@QAE_NPB_WAAVtr_mediaprofile@@@Z
?set_value@tr_mediaprofile@@QAEHPB_W0@Z
troprmediafmt
_select_mediaprofile2@20
trcrptutil
tr_hash_file
kernel32
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapAlloc
HeapFree
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
Sleep
ExitProcess
GetDriveTypeA
GetFullPathNameA
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeFormatA
GetDateFormatA
LCMapStringA
GetConsoleCP
GetConsoleMode
GetFileAttributesA
CreateFileA
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetCurrentDirectoryA
SetStdHandle
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
FileTimeToSystemTime
GetThreadLocale
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
lstrcmpA
InterlockedDecrement
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
MulDiv
RaiseException
InterlockedExchange
LocalAlloc
GetTickCount
GlobalFree
LoadLibraryA
ExpandEnvironmentStringsA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpynW
CreateFileW
LocalFree
FormatMessageW
GetModuleFileNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetFileAttributesW
GetTempFileNameW
GetTempPathW
WritePrivateProfileStringW
GetPrivateProfileStringW
CreateDirectoryW
WideCharToMultiByte
CloseHandle
GetExitCodeThread
WaitForSingleObject
ResumeThread
DeleteFileW
CreateProcessW
lstrcatW
FreeLibrary
GetWindowsDirectoryW
lstrcmpiW
lstrlenW
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCPInfo
lstrlenA
GetVersionExW
GetVersion
MultiByteToWideChar
DeleteFileA
user32
ShowWindow
CheckMenuItem
EnableMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowDC
BeginPaint
EndPaint
GetWindowThreadProcessId
DestroyMenu
ValidateRect
TranslateMessage
GetMessageW
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
UnregisterClassW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
CharUpperW
RegisterClipboardFormatW
PostThreadMessageW
MoveWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetMenu
SetForegroundWindow
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetWindow
SetFocus
GetMenuStringW
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
EndDialog
GetClipboardData
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetKeyState
IsClipboardFormatAvailable
UpdateWindow
GetFocus
ScreenToClient
GetCursorPos
KillTimer
SetScrollPos
BringWindowToTop
RegisterWindowMessageW
DrawIcon
IsIconic
SetTimer
GetSystemMenu
LoadIconW
wvsprintfW
CopyIcon
LoadCursorW
IsWindow
SetWindowLongW
SetCapture
RedrawWindow
ReleaseCapture
PtInRect
MessageBeep
IntersectRect
IsRectEmpty
SetRectEmpty
FrameRect
LoadImageW
CreateIconIndirect
GetIconInfo
DrawStateW
OffsetRect
GetClientRect
DrawFocusRect
InflateRect
PostMessageW
GetWindowRect
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageW
GetWindowLongW
DestroyCursor
GrayStringW
DrawTextExW
TabbedTextOutW
GetSubMenu
LoadBitmapW
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuW
GetMenuItemCount
AppendMenuW
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
DestroyIcon
DrawIconEx
SystemParametersInfoW
DrawTextW
GetMenuItemInfoW
SetRect
DrawEdge
FillRect
GetSysColor
CopyRect
EnableWindow
MessageBoxW
gdi32
SetTextColor
PlgBlt
GetBkColor
GetTextColor
GetCurrentObject
SetBoundsRect
SetStretchBltMode
StretchBlt
CreateRectRgn
GetMapMode
SetWinMetaFileBits
DeleteEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
GetDIBits
PlayEnhMetaFile
RealizePalette
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
GetViewportExtEx
SetBkColor
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
GetStockObject
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetRgnBox
GetWindowExtEx
CreateBitmap
SetBkMode
RestoreDC
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
PatBlt
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
SaveDC
StretchDIBits
CreateFontW
GetCharWidthW
GetClipBox
GetEnhMetaFilePaletteEntries
CreatePalette
SelectPalette
BitBlt
CreateCompatibleBitmap
SetWindowExtEx
CreateCompatibleDC
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueW
shell32
SHGetFolderPathW
DragFinish
DragQueryFileW
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ShellExecuteExW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoUninitialize
CoInitializeEx
StgCreateDocfileOnILockBytes
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarDateFromStr
VarUdateFromDate
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
winmm
PlaySoundW
ws2_32
htonl
ntohs
ntohl
htons
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 339KB - Virtual size: 338KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 606KB - Virtual size: 605KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ