libvlc[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

libvlc.bin
Size

16KB
MD5

13b27ec0542b93e00aa77f0964cacadc
SHA1

d7f2f08915f2552b327b35f5e54069a2166952bc
SHA256

7aa1fc3a6595ff3dc3be82e832b7b1309fc7f2749f280ea67b5278c32f841684
SHA512

299f7e026aa558dbca211ae116d06bfbba2b67f3f2018202e7bf260e1dd78ad9c3e339cabb585b38c9f0b6e724b92ef85177dee29467d480f60ccd46e2d86f5a
SSDEEP

384:yzRRlGVe0xKkTDuEcA/SGw272rRrKGXvOZz/78RX:7ew5T6i3wV5Xmtj8

Score

1^/10

Malware Config

Signatures

Files

libvlc.bin
.dll windows x64

819a705284fb7241bb2a22b3606b0f65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlCreateProcessParametersEx
RtlCreateUserProcess
RtlFreeHeap
RtlImageRvaToVa
RtlImageDirectoryEntryToData
RtlImageNtHeader
RtlAnsiStringToUnicodeString
RtlFreeUnicodeString
NtWriteFile
NtCreateFile
NtQueryInformationProcess
RtlEqualUnicodeString
NtMapViewOfSection
NtCreateSection
NtWriteVirtualMemory
__C_specific_handler
sprintf
RtlAllocateHeap
RtlExitUserThread
RtlExitUserProcess
NtCreateThreadEx
NtFreeVirtualMemory
NtAllocateVirtualMemory
NtDelayExecution
strstr
RtlInitUnicodeString
NtReadFile
NtResumeThread
NtOpenProcess
NtQuerySystemInformation
NtCreateTransaction
RtlSetCurrentTransaction
RtlDosPathNameToNtPathName_U
NtClose
RtlQueryEnvironmentVariable
memset
strchr

kernel32

RegGetValueW
GetUserGeoID
GetGeoInfoW
CreateProcessA
WaitForSingleObject
CreatePipe
SetHandleInformation
GetFileSize
GetProcAddress
GetTempFileNameW
RegGetValueA
RegSetValueExW
RegCreateKeyExW
RegCreateKeyExA
GetModuleHandleW
CreateMutexA
AddVectoredExceptionHandler
GetLastError
GetTempPathW

winhttp

WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpQueryHeaders

msvcr120

printf

Exports

Exports

init
libvlc_add_intf
libvlc_new
libvlc_playlist_play
libvlc_release
libvlc_set_app_id
libvlc_set_user_agent
libvlc_wait

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

819a705284fb7241bb2a22b3606b0f65

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

winhttp

msvcr120

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 160B

.pdata Size: 512B - Virtual size: 300B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 160B

.pdata
Size: 512B - Virtual size: 300B

.reloc
Size: 512B - Virtual size: 12B