59f840b5bbaf63e8a4938ad53344042c16a1fbb84616de26bbad557f85c2a813

Sharing

Copy URL Twitter E-mail

General

Target

59f840b5bbaf63e8a4938ad53344042c16a1fbb84616de26bbad557f85c2a813
Size

253KB
MD5

7972581589d699750f72905e3729cf44
SHA1

ea16161fedaebcec703f85be9a5b3b8ede7a94e6
SHA256

59f840b5bbaf63e8a4938ad53344042c16a1fbb84616de26bbad557f85c2a813
SHA512

7b77d8f873ef3288f604ffc0f9d54fd0150d5444b66c42c4ffb6a1110f4f4ae4bb95f86da80465e798438bb193b69957a8dea487eaa3fb0f3ece1af79e9f1eaa
SSDEEP

3072:t/X3xTLkalV5NixYUSjOmF/pstBaDqwONnct437Bl3N2U4eivYu3:t/xTLBN82jOmF/p/uwONct43j92U4i

Score

1^/10

Malware Config

Signatures

Files

59f840b5bbaf63e8a4938ad53344042c16a1fbb84616de26bbad557f85c2a813
.exe windows x86

a3e30d27962d3d9e43f23be7fd01c102

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libvlc

libvlc_audio_get_mute
libvlc_audio_get_volume
libvlc_audio_set_mute
libvlc_audio_set_volume
libvlc_event_attach
libvlc_media_new_path
libvlc_media_player_event_manager
libvlc_media_player_get_length
libvlc_media_player_get_time
libvlc_media_player_new
libvlc_media_player_pause
libvlc_media_player_play
libvlc_media_player_release
libvlc_media_player_set_hwnd
libvlc_media_player_set_media
libvlc_media_player_set_time
libvlc_media_player_stop
libvlc_new
libvlc_release

mfc100ud

ord2744
ord4886
ord13122
ord9904
ord15963
ord12863
ord4037
ord13035
ord10077
ord16660
ord16659
ord16732
ord16750
ord16746
ord16748
ord16749
ord16747
ord2965
ord9045
ord3477
ord3480
ord14996
ord6879
ord3339
ord3340
ord3589
ord3590
ord11351
ord12309
ord11938
ord9973
ord13078
ord4270
ord9300
ord2273
ord976
ord939
ord359
ord957
ord3896
ord2075
ord5926
ord1780
ord8559
ord5625
ord14772
ord2295
ord15463
ord5378
ord15109
ord14889
ord15168
ord7553
ord14776
ord1003
ord1674
ord2555
ord8999
ord9352
ord302
ord7725
ord15459
ord14093
ord9754
ord12561
ord13508
ord11961
ord1340
ord4419
ord14191
ord7551
ord862
ord9052
ord11317
ord7017
ord1645
ord12447
ord8891
ord12500
ord1460
ord296
ord13988
ord8566
ord1095
ord15571
ord6487
ord7004
ord4291
ord457
ord13534
ord286
ord3204
ord291
ord6538
ord778
ord8216
ord7849
ord413
ord10196
ord13121
ord998
ord2698
ord4673
ord6758
ord13168
ord2966
ord15000
ord6881
ord3471
ord1432
ord8918
ord1439
ord8166
ord292
ord1434
ord267
ord5349
ord5361
ord5357
ord5353
ord5383
ord5374
ord5345
ord5387
ord7719
ord5332
ord5336
ord5369
ord4897
ord16667
ord4884
ord3241
ord15965
ord8692
ord15971
ord7563
ord12638
ord14929
ord6560
ord2873
ord13071
ord4142
ord3553
ord3552
ord3439
ord13117
ord6368
ord11153
ord10149
ord4555
ord2599
ord7232
ord417
ord8218
ord15979
ord4895
ord3409
ord2449
ord5276
ord2649
ord4613
ord1631
ord1619
ord5887
ord2205
ord9172
ord15998
ord2342
ord13398
ord7438
ord2204
ord1298
ord1064
ord1029
ord1062
ord1416
ord1400
ord1387
ord1030
ord8762
ord2250
ord1441
ord934
ord15191
ord4290
ord1451
ord1428
ord1449
ord9358
ord9264
ord13931
ord16444
ord5851
ord2561
ord13532
ord13533
ord15964
ord8691
ord15970
ord10338
ord4347
ord4288
ord14016
ord8712
ord2080
ord16763
ord12908
ord15841
ord13525
ord8765
ord16157
ord16154
ord16159
ord16156
ord16158
ord16155
ord4053
ord6535
ord13198
ord13206
ord4993
ord9053
ord11324
ord13216
ord13167
ord13997
ord5692
ord6079
ord6340
ord10291
ord6049
ord6343
ord5695
ord5914
ord5672
ord8467
ord8468
ord8458
ord5912
ord9057
ord11148
ord10148
ord4670
ord2695
ord14235
ord7542
ord991
ord11270
ord8374
ord1442
ord10175
ord3440
ord15144
ord13223
ord13221
ord1759
ord1766
ord1772
ord1770
ord1777
ord11924
ord5366
ord5341
ord5232
ord2480
ord2300

msvcr100d

_errno
_CrtDbgReport
free
_snprintf_s
_amsg_exit
__wgetmainargs
strcpy
_vsnprintf_s
_exit
_XcptFilter
_cexit
exit
_wcmdln
__CxxFrameHandler3
_vsnwprintf_s
_snwprintf_s
wcsncpy_s
strcpy_s
calloc
_recalloc
_time64
_mktime64
_gmtime64_s
_localtime64_s
memcmp
_wcsicmp
memmove_s
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
??_V@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
memmove
memcpy
memset
wcslen
malloc
printf
wcstombs
wcscpy
_wsplitpath_s
wcscpy_s
_wmakepath_s
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_CRT_RTC_INITW
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount

kernel32

Sleep
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
DecodePointer
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent
MultiByteToWideChar
RaiseException
lstrlenA
GetProcAddress
InterlockedDecrement
InterlockedIncrement
OpenFileMappingA
GetCurrentThread
CreateFileMappingA
MapViewOfFile
InterlockedExchange
UnmapViewOfFile
VirtualAlloc
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
OutputDebugStringW
OutputDebugStringA
OpenEventA
SetEvent
CloseHandle
MulDiv
LoadLibraryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapFree
HeapAlloc
GetProcessHeap
GetModuleFileNameW
VirtualQuery
GetModuleHandleW
FreeLibrary
EncodePointer
WideCharToMultiByte
GetSystemInfo

user32

GetWindowRect
SystemParametersInfoW
MoveWindow
GetSystemMetrics
CopyRect
IsRectEmpty
SubtractRect
UnionRect
PtInRect
IntersectRect
LoadImageW
OffsetRect
InflateRect
SetRect
SetRectEmpty
EqualRect

comctl32

InitCommonControlsEx

oleaut32

SysFreeString

msvcp100d

?_Xlength_error@std@@YAXPBD@Z
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Debug_message@std@@YAXPB_W0I@Z
?_Xout_of_range@std@@YAXPBD@Z

advapi32

OpenThreadToken
RevertToSelf
SetThreadToken

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3e30d27962d3d9e43f23be7fd01c102

Headers

DLL Characteristics

File Characteristics

Imports

libvlc

mfc100ud

msvcr100d

kernel32

user32

comctl32

oleaut32

msvcp100d

advapi32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 2KB

.idata Size: 9KB - Virtual size: 8KB

.rsrc Size: 105KB - Virtual size: 105KB

.reloc Size: 6KB - Virtual size: 5KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 2KB

.idata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 105KB - Virtual size: 105KB

.reloc
Size: 6KB - Virtual size: 5KB