mplayer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mplayer.exe
Size

9.4MB
MD5

52d38c75246506e77faf80a652cfb9af
SHA1

49f9181584f2f32b5c67717ac24f3b01035573e2
SHA256

7e4325936caa0c5cd534257f258d5b7fc11f5a9b802d8c6392a6c050a3f551a7
SHA512

e00133f788178d102e2ccbcfb6c336d2e251f497804d3998d9aa65b2e3996e547c3fef2bf52edb6d1e7af09c0e11b2bac47d41840e61eefd1217d34a1b4047f4
SSDEEP

196608:JJBy/0qFP8Ym+o3RunPtrLq9nLjwDEY1X4vT7p91F0Z13kuJy2nVGXE:/CxFmBeBLYLjNYV13kCY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mplayer.exe

Files

mplayer.exe
.exe windows x86

678937176b9c3683a686d7422a0b0d14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

CreateUpDownControl

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
GetDeviceCaps
GetPixel
GetPixelFormat
GetStockObject
SelectObject
SetBkMode
SetPixel
SetPixelFormat
StretchBlt
SwapBuffers

kernel32

AddAtomA
AllocConsole
CloseHandle
CreateEventA
CreateFileA
CreateThread
DeviceIoControl
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FreeConsole
FreeLibrary
GetACP
GetAtomNameA
GetConsoleScreenBufferInfo
GetCurrentProcess
GetDriveTypeA
GetFileAttributesA
GetFullPathNameA
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStdHandle
GetVersion
GetVolumeInformationA
HeapAlloc
HeapFree
LoadLibraryA
PeekNamedPipe
ReadConsoleInputA
ReadFile
ResetEvent
SetConsoleScreenBufferSize
SetConsoleTitleA
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetPriorityClass
SetUnhandledExceptionFilter
Sleep
TerminateThread
WaitForSingleObject

msvcrt

_chdir
_close
_fdopen
_fstat
_ftime
_getcwd
_lseek
_memccpy
_mkdir
_open
_read
_setmode
_stat
_strdup
_stricmp
_swab
_tempnam
_unlink
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_filbuf
_findclose
_findfirst
_findnext
_flsbuf
_ftime
_fullpath
_iob
_isctype
_lseeki64
_onexit
_pctype
_setjmp
_setmode
_snprintf
_stricmp
_strnicmp
_vsnprintf
abort
acos
asin
atexit
atof
atoi
atol
calloc
ceil
cos
cosh
ctime
exit
exp
fclose
feof
ferror
fflush
fgetc
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
freopen
frexp
fscanf
fseek
ftell
fwrite
getenv
gmtime
isalnum
isdigit
isxdigit
ldexp
localtime
log
log10
longjmp
malloc
memchr
memcpy
memmove
memset
mktime
perror
pow
printf
putchar
puts
qsort
rand
realloc
rename
rewind
setvbuf
signal
sin
sinh
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtod
strtok
strtol
strtoul
tan
tanh
time
tolower
toupper
ungetc
vfprintf
vsprintf

ole32

CoInitialize
CoUninitialize

opengl32

glBegin
glBindTexture
glBlendFunc
glCallList
glCallLists
glClear
glClearColor
glColor3f
glColor4ub
glDeleteLists
glDeleteTextures
glDepthMask
glDisable
glDrawBuffer
glEnable
glEnd
glEndList
glFinish
glFlush
glGenLists
glGenTextures
glGetError
glGetIntegerv
glGetString
glGetTexLevelParameteriv
glIsTexture
glLoadIdentity
glMatrixMode
glNewList
glOrtho
glPixelStorei
glPopMatrix
glPushMatrix
glScaled
glShadeModel
glTexCoord2f
glTexEnvf
glTexEnvi
glTexImage1D
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexSubImage2D
glVertex2f
glViewport
wglCreateContext
wglDeleteContext
wglGetProcAddress
wglMakeCurrent

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
ExtractIconA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA

user32

AdjustWindowRect
AppendMenuA
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
EnableMenuItem
EnableWindow
EndPaint
EnumDisplaySettingsA
FillRect
FindWindowA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetMenuItemCount
GetMessageA
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
IsIconic
IsWindowVisible
KillTimer
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
PeekMessageA
PostMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
RegisterClassExA
ReleaseCapture
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetCapture
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
ShowCursor
ShowWindow
TrackPopupMenu
TranslateMessage
UnregisterClassA
UpdateWindow

winmm

timeGetTime
waveOutClose
waveOutGetVolume
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
connect
gethostbyname
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
ntohl
recv
select
send
setsockopt
socket

Sections

.text
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 475KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

678937176b9c3683a686d7422a0b0d14

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

opengl32

shell32

user32

winmm

ws2_32

Sections

.text Size: 6.9MB - Virtual size: 6.9MB

.data Size: 475KB - Virtual size: 474KB

.rodata Size: 512B - Virtual size: 336B

.rdata Size: 2.0MB - Virtual size: 2.0MB

.bss Size: - Virtual size: 1.3MB

.idata Size: 10KB - Virtual size: 10KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 6.9MB - Virtual size: 6.9MB

.data
Size: 475KB - Virtual size: 474KB

.rodata
Size: 512B - Virtual size: 336B

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.bss
Size: - Virtual size: 1.3MB

.idata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 6KB