GNUW-sam[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

GNUW-sam.zip
Size

418KB
MD5

2813adae775a8f14660cffb4ecdc2ed5
SHA1

52dd0d11f9c550f50a5a76d9918e1e4cb24ce16b
SHA256

d31f1ed3706173b76ed28b5ab49c4d6c139a3337757ea8b28db49a3a1f24316e
SHA512

cba0ea212ae39eae47d79c4fc4cf95fd738e602f2583d47a955c364fa6b5010ab2a7d98cd4bf88c91766ae63037136034b971f99d44d712ef6c548f049a5dab9
SSDEEP

6144:vG6m5q++d5i36MrpI8m38x3vnPn9w5LoZu5q1durBJ34FjqFmcDD8lllbq51eV:e6F+YoFIlYP1w5Lp4FjqFmcUdbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bf48f0e9457f91fe4763fc411fba615f9affd01dd9ccd47a8c18cc3bfd10a21b

Files

GNUW-sam.zip
.zip

Password: infected
bf48f0e9457f91fe4763fc411fba615f9affd01dd9ccd47a8c18cc3bfd10a21b
.dll windows:6 windows x86

d0766c89a072f4d915437428c2a433f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

PrefetchVirtualMemory
HeapLock
GetProcessIdOfThread
SetFileTime
GetUserDefaultLangID
GetModuleFileNameW
OpenPrivateNamespaceW
WakeConditionVariable
CreateThreadpoolIo
PurgeComm
WaitForMultipleObjects
GetCommModemStatus
RequestWakeupLatency
AddScopedPolicyIDAce
SetThreadUILanguage
SetConsoleWindowInfo
GetNumaProcessorNodeEx
CheckTokenCapability
LocalHandle
DeleteTimerQueueEx
GetConsoleFontSize
CompareStringOrdinal
SetSystemFileCacheSize
InitializeCriticalSectionAndSpinCount
GetThreadPreferredUILanguages
DeleteAtom
GetProcessVersion
GetNamedPipeClientProcessId
GetDynamicTimeZoneInformation
LeaveCriticalSection
CreatePipe
InitializeCriticalSection
AllocateUserPhysicalPages
Wow64GetThreadContext
SetErrorMode
InitializeConditionVariable
EnumUILanguagesW
GetNumaAvailableMemoryNode
GetQueuedCompletionStatus
FlsGetValue
GetEnvironmentVariableW
SetEndOfFile
GetSystemPowerStatus
FindFirstFileTransactedW
WaitForThreadpoolIoCallbacks
UnlockFileEx
CreateBoundaryDescriptorW
FatalExit
GetTempPathW
GetWriteWatch
TrySubmitThreadpoolCallback
GetLargePageMinimum
SystemTimeToTzSpecificLocalTimeEx
CreateHardLinkW
GetConsoleScreenBufferInfoEx
FindClose
IsNLSDefinedString
GetVolumePathNameW
GetCommMask
LocalAlloc
CreateFileW
GetDateFormatEx
GetFileAttributesW
GetNumberFormatEx
MapViewOfFileExNuma
OpenEventW
GetVersionExW
GetPrivateProfileSectionNamesW
QueryThreadCycleTime
ReleaseMutex
GetUserPreferredUILanguages
WaitForThreadpoolWorkCallbacks
ApplicationRecoveryFinished
SetupComm
GetSystemDirectoryW
SetSearchPathMode
FreeEnvironmentStringsW
HeapWalk
IsBadCodePtr
QueryMemoryResourceNotification
GlobalDeleteAtom
ContinueDebugEvent
Wow64EnableWow64FsRedirection
MapUserPhysicalPages
GetApplicationRecoveryCallback
HeapValidate
IsProcessInJob
PrepareTape
DisconnectNamedPipe
FreeResource
LCIDToLocaleName
OpenProcess
HeapSize
SetProcessMitigationPolicy
GetNamedPipeInfo
SwitchToFiber
CancelWaitableTimer
SetFileAttributesW
IsValidCodePage
EndUpdateResourceW
SetFileAttributesTransactedW
ConvertThreadToFiberEx
MultiByteToWideChar
CloseThreadpoolCleanupGroupMembers
GetSystemWow64DirectoryW
GetPrivateProfileStringW
Sleep
GetConsoleMode
GetFileInformationByHandle
QueryThreadProfiling
BuildCommDCBAndTimeoutsW
FormatMessageW
GetTimeZoneInformation
LocalFileTimeToFileTime
ReadThreadProfilingData
SetConsoleScreenBufferInfoEx
EnumSystemLanguageGroupsW
PowerCreateRequest
GetDevicePowerState
GetTickCount64
BuildCommDCBW
VerifyScripts
OpenWaitableTimerW
MoveFileWithProgressW
SetCalendarInfoW
GetMaximumProcessorCount
Wow64RevertWow64FsRedirection
FlsSetValue
GetLastError
GetLargestConsoleWindowSize
GetCurrencyFormatEx
SetUserGeoID
CreateFileTransactedW
ChangeTimerQueueTimer
GetCalendarInfoW
EscapeCommFunction
UpdateProcThreadAttribute
GetConsoleAliasesLengthW
SetThreadpoolThreadMaximum
SetConsoleCursorInfo
GetLogicalProcessorInformationEx
ReleaseSRWLockExclusive
SetCriticalSectionSpinCount
GetConsoleDisplayMode
GetConsoleProcessList
AddResourceAttributeAce
SetFileInformationByHandle
OutputDebugStringW
FindNextVolumeMountPointW
WaitCommEvent
FillConsoleOutputCharacterW
ReadConsoleInputW
SetThreadpoolTimerEx
FlushViewOfFile
GetThreadUILanguage
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetNumaNodeProcessorMask
GetDiskFreeSpaceExW
OfferVirtualMemory
DisableThreadLibraryCalls
GetCurrentThread
ReadConsoleOutputW
InitOnceComplete
GetNumaProximityNodeEx
EnumDateFormatsExEx
FindCloseChangeNotification
lstrcatW
GetApplicationRestartSettings
GetTapeParameters
DefineDosDeviceW
LockResource
EnumResourceNamesExW
GetCommState
GlobalFlags
CreateHardLinkTransactedW
GlobalAlloc
InterlockedPushListSListEx
TransmitCommChar
GetSystemDEPPolicy
HeapReAlloc
CloseHandle
SetThreadpoolTimer
ReleaseSRWLockShared
ReleaseMutexWhenCallbackReturns
GetNativeSystemInfo
GetNumberFormatW
EnumResourceLanguagesW
FindNLSStringEx
FreeConsole
GetSystemInfo
PowerClearRequest
GetProcessHeaps
SetThreadpoolWait
ReadFileEx
FindResourceExW
SetComputerNameW
GetActiveProcessorCount
LoadResource
DeleteProcThreadAttributeList
EnumDateFormatsExW
HeapAlloc
Wow64SuspendThread
DeleteSynchronizationBarrier
WaitForDebugEvent
FatalAppExitW
GetDefaultCommConfigW
GetUserGeoID
GetMemoryErrorHandlingCapabilities
GetQueuedCompletionStatusEx
GetCurrentDirectoryW
GetProcessPreferredUILanguages
SetStdHandle
GetCurrentConsoleFontEx
CloseThreadpoolIo
SetCommMask
HeapCompact
VirtualProtectEx
SetVolumeMountPointW
AddVectoredExceptionHandler
SetFirmwareEnvironmentVariableW
FindNextFileNameW
HeapDestroy
IsThreadAFiber
GetCurrentProcessorNumber
UnlockFile
SubmitThreadpoolWork
SetLocaleInfoW
InitAtomTable
WriteConsoleW
GetErrorMode
SetThreadPriorityBoost
VirtualLock
Beep
GetProcAddress
GlobalLock
SetFilePointerEx
VirtualAllocEx
CreateMutexExW
UnregisterWaitEx
GetProcessorSystemCycleTime
SetFileApisToOEM
AcquireSRWLockShared
IsProcessorFeaturePresent
GetFileSize
SetDefaultCommConfigW
CreateMemoryResourceNotification
DeleteCriticalSection
ExitProcess
GetComputerNameW
SetProtectedPolicy
DisableThreadProfiling
SetConsoleCP
FindFirstStreamW
GetCurrentProcessId
CopyFile2
GetProcessHeap
SystemTimeToFileTime
GlobalMemoryStatusEx
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
FreeLibrary
SetFirmwareEnvironmentVariableExW
CreateSemaphoreW
IsValidLanguageGroup
TransactNamedPipe
FlushInstructionCache
GetNumaProximityNode
WideCharToMultiByte
CreateSymbolicLinkW
GetConsoleWindow
SetCommBreak
lstrcpyW
WinExec
DeleteBoundaryDescriptor
SleepConditionVariableSRW
RemoveVectoredContinueHandler
LocaleNameToLCID
FreeUserPhysicalPages
QueryFullProcessImageNameW
ReadConsoleOutputCharacterW
CommConfigDialogW
LocalReAlloc
GetFileMUIInfo
SetConsoleOutputCP
ConvertFiberToThread
AddAtomW
EnumSystemGeoID
TerminateJobObject
DeleteTimerQueueTimer
LocalFlags
GetDiskFreeSpaceExA
GetSystemTime
GlobalMemoryStatus
SetThreadErrorMode
VirtualFreeEx
CreateWaitableTimerExW
DebugBreak
SetProcessWorkingSetSize
CreateFileMappingW
GetTapeStatus
SetConsoleCursorPosition
GetProcessPriorityBoost
GetSystemWindowsDirectoryW
GetNumaNodeProcessorMaskEx
SetThreadContext
SetFileValidData
QueryPerformanceCounter
CreateMailslotW
GetStringTypeW
GetDateFormatW
InitializeSListHead
GetSystemPreferredUILanguages
FreeLibraryWhenCallbackReturns
OpenMutexW
GetTickCount
CreateFiberEx
GetTimeZoneInformationForYear
FlsFree
SetCommState
SetDllDirectoryW
SetCommConfig
AllocConsole
lstrcmpW
GetDllDirectoryW
GetStringTypeA
GetProcessHandleCount
FlsAlloc
SetConsoleTitleW
InitializeSynchronizationBarrier
MapViewOfFileEx
GetFirmwareEnvironmentVariableW
RegisterBadMemoryNotification
MoveFileW
VirtualQuery
RegisterApplicationRestart
CheckNameLegalDOS8Dot3W
InterlockedPopEntrySList
OpenThread
LoadLibraryExW
DebugBreakProcess
GetConsoleSelectionInfo
ConnectNamedPipe
VirtualQueryEx
ReadConsoleOutputAttribute
WriteConsoleOutputCharacterW
CreateDirectoryExW
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
GetEnvironmentStringsW
GetCommandLineA
GetACP
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetFileAttributesExW
WaitForSingleObject
ReadConsoleW
PeekConsoleInputA
GetNumberOfConsoleInputEvents
SetConsoleMode
HeapFree
GetFileType
GetModuleHandleExW
GetConsoleCP
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RaiseException
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LCMapStringEx
DecodePointer
EncodePointer
EnterCriticalSection
GetSystemTimeAsFileTime
InitializeCriticalSectionEx
GetCurrentThreadId
QueryPerformanceFrequency
TerminateProcess
GetNumberOfConsoleMouseButtons
VirtualAlloc
SetFileBandwidthReservation
RtlPcToFileHeader
GetPrivateProfileIntW
GetTimeFormatEx
SetCurrentConsoleFontEx
GetConsoleCursorInfo
GetAppContainerNamedObjectPath
ExpandEnvironmentStringsW
SetTimeZoneInformation
RegisterWaitForSingleObject
DeleteTimerQueue
CheckTokenMembershipEx
TryAcquireSRWLockExclusive
GetThreadIdealProcessorEx
TzSpecificLocalTimeToSystemTimeEx
Wow64DisableWow64FsRedirection
WriteFile
CreateFileMappingNumaW
SetDynamicTimeZoneInformation
GetCPInfo
SetFileShortNameW
ReleaseSemaphore
GetThreadErrorMode
GetStdHandle
lstrlenW
GetConsoleOutputCP
GetLongPathNameW
FindNextFileW
GetFullPathNameW
SetSystemPowerState
IsDBCSLeadByteEx
IsThreadpoolTimerSet
SetConsoleActiveScreenBuffer
GetCommandLineW
RtlCaptureContext
AddDllDirectory
FindFirstFileNameW
CreateEventExW
GetPhysicallyInstalledSystemMemory
SetPriorityClass
SetLastError
CreateDirectoryTransactedW
CreateSemaphoreExW
CallNamedPipeW
CopyFileTransactedW
VirtualProtect
SetThreadDescription
MapUserPhysicalPagesScatter
SetWaitableTimer
EraseTape
LoadModule
NeedCurrentDirectoryForExePathW
GetBinaryTypeW
FindFirstFileExW
EnumResourceLanguagesExW
WritePrivateProfileStringW
CreateTimerQueueTimer
WriteProcessMemory
CreateThreadpool
InitOnceExecuteOnce
GetFileSizeEx
FindFirstFileW
GlobalHandle
CompareFileTime
NotifyUILanguageChange
EnumTimeFormatsEx
StartThreadpoolIo
GetOEMCP
GetCurrentProcessorNumberEx
CloseThreadpoolWork
QueryInformationJobObject
GetNamedPipeServerSessionId
QueryThreadpoolStackInformation
LocalLock
GetLogicalDrives
SetInformationJobObject
EnumTimeFormatsW
GetConsoleAliasExesLengthW
SetConsoleCtrlHandler
TryEnterCriticalSection
RemoveDirectoryTransactedW
QueryDosDeviceW
BackupWrite
GetCommConfig
FindStringOrdinal
GetProcessWorkingSetSizeEx
IsValidNLSVersion
ReadFile
SetSystemTimeAdjustment
GetCPInfoExW
GetStartupInfoW
GetPrivateProfileStructW
SetThreadAffinityMask
CreateDirectoryW
SleepConditionVariableCS
SetProcessPriorityBoost
GetNumaHighestNodeNumber
QueueUserAPC
AreFileApisANSI
SetEnvironmentVariableW

user32

GetMenuState
ModifyMenuW
UnregisterHotKey
GetMessageExtraInfo
CreateIconFromResourceEx
GetFocus
GetDC
GetCaretPos
GrayStringW
DdeUnaccessData
GetIconInfoExW
SetWindowPos
GetClipboardViewer
SetActiveWindow
ValidateRgn
LockSetForegroundWindow
EnumDisplayMonitors
FillRect
CreateWindowExW
ShowOwnedPopups
ScreenToClient
WaitForInputIdle
GetSystemMetrics
UnregisterClassW
SetWindowTextW
DefWindowProcW
SetMenuItemBitmaps
RegisterClassExW
TileWindows
GetWindowPlacement
GetKeyboardState
GetSubMenu
ShowWindow
GetListBoxInfo
DispatchMessageW
wvsprintfW
UnregisterPointerInputTargetEx
EnableMouseInPointer
DdeCreateStringHandleW
DestroyIcon
GetMenuCheckMarkDimensions
GetScrollRange
GetInputState
DdeGetLastError
GetKeyboardLayoutNameW
ClientToScreen
SetMenuItemInfoW
DestroyAcceleratorTable
EnumPropsExW
SetClassWord
DdeAddData
GetMessageW
GetWindowTextLengthW
DrawAnimatedRects
MessageBeep
GetWindowRgn
UnregisterPowerSettingNotification
BroadcastSystemMessageExW
GetMenuContextHelpId
TrackMouseEvent
DdeDisconnectList
SetProcessRestrictionExemption
GetKBCodePage
LoadKeyboardLayoutW
ToUnicodeEx
GetSysColor
EnumClipboardFormats
IsDlgButtonChecked
UpdateLayeredWindowIndirect
WinHelpW
LoadBitmapW
DestroyMenu
GetMouseMovePointsEx
DrawTextExW
LockWindowUpdate
SetLayeredWindowAttributes
IntersectRect
BringWindowToTop
GetUpdateRect
RegisterRawInputDevices
TranslateMessage
LoadIconW
FindWindowW
LoadCursorW
IsGUIThread
DestroyCaret
SetParent
AnimateWindow
SetWindowsHookExW
SwitchDesktop
SetWindowLongW
GetClientRect
GetMenuItemRect
DrawTextW
GetCaretBlinkTime
DrawCaption
DdeNameService
PostQuitMessage
EnumDisplaySettingsW
SetScrollPos
CascadeWindows
UpdateWindow
ReleaseCapture
DdeQueryNextServer
ShowCursor
InvalidateRect
GetRawInputDeviceList
IsIconic
ReleaseDC
IsCharUpperW
GetGUIThreadInfo
BeginPaint
CharNextExA
EndPaint

gdi32

GetBoundsRect
TextOutW
GetTextExtentPoint32W
SetTextColor
SetMapperFlags
AngleArc
SetBkMode
AddFontResourceW
GetEnhMetaFilePaletteEntries
SelectPalette
CreatePen
DrawEscape
SetPaletteEntries
ExtCreatePen
Rectangle
SelectClipRgn
SetMetaFileBitsEx
CreatePalette
GetTextExtentExPointI
SetDIBits
SetArcDirection
RectInRegion
ExcludeClipRect
SetBkColor
RestoreDC
LPtoDP
CreatePenIndirect
PtInRegion
GetGlyphOutlineW
DeleteObject
CreateSolidBrush
ArcTo
ExtSelectClipRgn
CreateFontIndirectW
GetRandomRgn
GetCharWidthI
GetOutlineTextMetricsW
Escape
GdiComment
DeleteMetaFile
ExtTextOutW
SetTextCharacterExtra
DPtoLP
GetCharWidthW
GetViewportOrgEx
SetPixelV
OffsetRgn
GetPixel
GetSystemPaletteEntries
SetPolyFillMode
EqualRgn
StrokeAndFillPath
CreateScalableFontResourceW
GetTextCharsetInfo
SetMiterLimit
CreatePolyPolygonRgn
GetDIBits
GetWinMetaFileBits
GetArcDirection
OffsetViewportOrgEx
SelectClipPath
GetBitmapBits
SetWindowExtEx
CreateRoundRectRgn
CreateRectRgnIndirect
GetTextCharset
SetLayout
CopyEnhMetaFileW
ResetDCW
PlayEnhMetaFile
EnumFontsW
LineDDA
BeginPath
GetColorAdjustment
SetMetaRgn
CreateDIBitmap
AbortDoc
GetClipRgn
FrameRgn
AbortPath
SetGraphicsMode
GetLayout
CreateBitmapIndirect
CreateICW
RectVisible
CreateCompatibleDC
RemoveFontResourceW
CloseMetaFile
GetKerningPairsW
GetDIBColorTable
GetWorldTransform
StartPage
SelectObject
Pie
SaveDC
GetFontUnicodeRanges
CreateCompatibleBitmap
EnumEnhMetaFile
BitBlt
SetBrushOrgEx
DeleteDC

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Exports

OSK_GetKeyboardData
OSK_GetVersion
OSK_ListKeyboards
__memset_chk
__snprintf_chk
__sprintf_chk
__strcat_chk
av_add_i
av_add_q
av_add_stable
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_iv
av_aes_ctr_set_random_iv
av_aes_init
av_aes_size
av_ambient_viewing_environment_alloc
av_ambient_viewing_environment_create_side_data
av_append_path_component
av_asprintf
av_assert0_fpu
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_peek
av_audio_fifo_peek_at
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_alloc
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_buffer_get_opaque
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_camellia_alloc
av_camellia_crypt
av_camellia_init
av_camellia_size
av_cast5_alloc
av_cast5_crypt
av_cast5_crypt2
av_cast5_init
av_cast5_size
av_channel_description
av_channel_description_bprint
av_channel_from_string
av_channel_layout_channel_from_index
av_channel_layout_channel_from_string
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_default
av_channel_layout_describe
av_channel_layout_describe_bprint
av_channel_layout_extract_channel
av_channel_layout_from_mask
av_channel_layout_from_string
av_channel_layout_index_from_channel
av_channel_layout_index_from_string
av_channel_layout_standard
av_channel_layout_subset
av_channel_layout_uninit
av_channel_name
av_channel_name_bprint
av_chroma_location_enum_to_pos
av_chroma_location_from_name
av_chroma_location_name
av_chroma_location_pos_to_enum
av_cmp_i
av_color_primaries_from_name
av_color_primaries_name
av_color_range_from_name
av_color_range_name
av_color_space_from_name
av_color_space_name
av_color_transfer_from_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_content_light_metadata_create_side_data
av_cpu_count
av_cpu_force_count
av_cpu_max_align
av_crc
av_crc_get_table
av_crc_init
av_csp_approximate_trc_gamma
av_csp_luma_coeffs_from_avcsp
av_csp_primaries_desc_from_id
av_csp_primaries_id_from_desc
av_csp_trc_func_from_id
av_d2q
av_default_get_category
av_default_item_name
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_detection_bbox_alloc
av_detection_bbox_create_side_data
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_iterate
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_display_matrix_flip
av_display_rotation_get
av_display_rotation_set
av_div_i
av_div_q
av_dovi_alloc
av_dovi_metadata_alloc
av_downmix_info_update_side_data
av_dynamic_hdr_plus_alloc
av_dynamic_hdr_plus_create_side_data
av_dynamic_hdr_vivid_alloc
av_dynamic_hdr_vivid_create_side_data
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_info_get_side_data
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_count_func
av_expr_count_vars
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc
av_fifo_alloc2
av_fifo_alloc_array
av_fifo_auto_grow_limit
av_fifo_can_read
av_fifo_can_write
av_fifo_drain
av_fifo_drain2
av_fifo_elem_size
av_fifo_free
av_fifo_freep
av_fifo_freep2
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_grow2
av_fifo_peek
av_fifo_peek_to_cb
av_fifo_read
av_fifo_read_to_cb
av_fifo_realloc2
av_fifo_reset
av_fifo_reset2
av_fifo_size
av_fifo_space
av_fifo_write
av_fifo_write_from_cb
av_file_map
av_file_unmap
av_film_grain_params_alloc
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_find_info_tag
av_find_nearest_q_idx
av_fopen_utf8
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_plane_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_side_data_name
av_frame_unref
av_free
av_freep
av_gcd
av_gcd_q
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_extended_channel_layout
av_get_known_color_name
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_hash_alloc
av_hash_final
av_hash_final_b64
av_hash_final_bin
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_get_size
av_hash_init
av_hash_names
av_hash_update
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_create_derived_opts
av_hwdevice_ctx_init
av_hwdevice_find_type_by_name
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwdevice_iterate_types
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_create_derived
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_i2int
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_plane_uc_from
av_image_copy_to_buffer
av_image_copy_uc_from
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_int2i
av_int_list_length_for_size
av_lfg_init
av_lfg_init_from_data
av_log
av_log2
av_log2_16bit
av_log2_i
av_log_default_callback
av_log_format_line
av_log_format_line2
av_log_get_flags
av_log_get_level
av_log_once
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_alloc
av_mastering_display_metadata_create_side_data
av_match_list
av_match_name
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_memdup
av_mod_i
av_mul_i
av_mul_q
av_murmur3_alloc
av_murmur3_final
av_murmur3_init
av_murmur3_init_seeded
av_murmur3_update
av_nearer_q
av_opt_child_class_iterate
av_opt_child_next
av_opt_copy
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_channel_layout
av_opt_get_chlayout
av_opt_get_dict_val
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_get_video_rate
av_opt_is_set_to_default
av_opt_is_set_to_default_by_name
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_serialize
av_opt_set
av_opt_set_bin
av_opt_set_channel_layout
av_opt_set_chlayout
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_set_video_rate
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
av_pixelutils_get_sad_fn
av_q2intfloat
av_rc4_alloc
av_rc4_crypt
av_rc4_init
av_read_image_line
av_read_image_line2
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_ripemd_alloc
av_ripemd_final
av_ripemd_init
av_ripemd_size
av_ripemd_update
av_sample_fmt_is_planar
av_samples_alloc
av_samples_alloc_array_and_samples
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_options_string
av_sha512_alloc
av_sha512_final
av_sha512_init
av_sha512_size
av_sha512_update
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_shr_i
av_size_mult
av_small_strptime
av_spherical_alloc
av_spherical_from_name
av_spherical_projection_name
av_spherical_tile_bounds
av_sscanf
av_stereo3d_alloc
av_stereo3d_create_side_data
av_stereo3d_from_name
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strireplace
av_stristart
av_stristr
av_strlcat

Sections

.code
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 386KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

d0766c89a072f4d915437428c2a433f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.code Size: 213KB - Virtual size: 212KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 386KB - Virtual size: 390KB

.reloc Size: 10KB - Virtual size: 10KB

.code
Size: 213KB - Virtual size: 212KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 386KB - Virtual size: 390KB

.reloc
Size: 10KB - Virtual size: 10KB