0dcc7de4b9b50810799a35e0a2a2f001

Sharing

Copy URL Twitter E-mail

General

Target

0dcc7de4b9b50810799a35e0a2a2f001
Size

9.1MB
MD5

0dcc7de4b9b50810799a35e0a2a2f001
SHA1

3f38c01d6b10466c38eb22d3ffed9ae5a9ac9dbb
SHA256

a4e6f3f5d1710387fdd13326975d490b16997ac20e3c88efb5c529630a645100
SHA512

638fbe22c8f3dce208905f7f57c785089886d0289153378e2cf338e9dbbec3fe6ce5bcff381a88b2429926eeb4918fcfdcad9fd68f43299c74f1a46f1961f4b7
SSDEEP

196608:6f1ASr7Cs/pOxWmfsuW4etj01FIaM9PnQhvZ:6fBrGYpOxdfJW4e18FIaM9Pn4Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DigitElePotoDIY/DigitElePotoDIY.exe
unpack001/DigitElePotoDIY/DigitElePotoDIY已注册.exe
unpack001/DigitElePotoDIY/Mp3Code.dll
unpack001/DigitElePotoDIY/libavidd-1.3.1.dll
unpack001/DigitElePotoDIY/libfilefmt-1.4.2.dll
unpack001/DigitElePotoDIY/libmcl-4.5.1.dll
unpack001/DigitElePotoDIY/svchost.dll

Files

0dcc7de4b9b50810799a35e0a2a2f001
.rar
DigitElePotoDIY/Album
DigitElePotoDIY/BackPic/10.jpg
.jpg
DigitElePotoDIY/BackPic/1106.jpg
.jpg
DigitElePotoDIY/BackPic/116.jpg
.jpg
DigitElePotoDIY/BackPic/118.jpg
.jpg
DigitElePotoDIY/BackPic/145.jpg
.jpg
DigitElePotoDIY/BackPic/15.jpg
.jpg
DigitElePotoDIY/BackPic/151.jpg
.jpg
DigitElePotoDIY/BackPic/157.jpg
.jpg
DigitElePotoDIY/BackPic/158.jpg
.jpg
DigitElePotoDIY/BackPic/159.jpg
.jpg
DigitElePotoDIY/BackPic/165.jpg
.jpg
DigitElePotoDIY/BackPic/166.jpg
.jpg
DigitElePotoDIY/BackPic/17.jpg
.jpg
DigitElePotoDIY/BackPic/18.jpg
.jpg
DigitElePotoDIY/BackPic/197.jpg
.jpg
DigitElePotoDIY/BackPic/198.jpg
.jpg
DigitElePotoDIY/BackPic/199.jpg
.jpg
DigitElePotoDIY/BackPic/2.jpg
.jpg
DigitElePotoDIY/BackPic/200.jpg
.jpg
DigitElePotoDIY/BackPic/22.jpg
.jpg
DigitElePotoDIY/BackPic/220.jpg
.jpg
DigitElePotoDIY/BackPic/24.jpg
.jpg
DigitElePotoDIY/BackPic/268.jpg
.jpg
DigitElePotoDIY/BackPic/30.jpg
.jpg
DigitElePotoDIY/BackPic/34.jpg
.jpg
DigitElePotoDIY/BackPic/35.jpg
.jpg
DigitElePotoDIY/BackPic/356.jpg
.jpg
DigitElePotoDIY/BackPic/39.jpg
.jpg
DigitElePotoDIY/BackPic/482.jpg
.jpg
DigitElePotoDIY/BackPic/5.jpg
.jpg
DigitElePotoDIY/BackPic/62.jpg
.jpg
DigitElePotoDIY/BackPic/Thumbs.db
DigitElePotoDIY/DigitElePotoDIY.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 964KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DigitElePotoDIY/DigitElePotoDIY已注册.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 965KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DigitElePotoDIY/Mp3Code.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_CDDoor
BASS_CDFree
BASS_CDGetID
BASS_CDGetTrackLength
BASS_CDGetTracks
BASS_CDInDrive
BASS_CDInit
BASS_CDPlay
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetEAXMix
BASS_ChannelGetFlags
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelResume
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetDSoundObject
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetGlobalVolumes
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetChannelVol
BASS_MusicGetLength
BASS_MusicGetName
BASS_MusicLoad
BASS_MusicPlay
BASS_MusicPlayEx
BASS_MusicPreBuf
BASS_MusicSetAmplify
BASS_MusicSetChannelVol
BASS_MusicSetPanSep
BASS_MusicSetPositionScaler
BASS_Pause
BASS_RecordFree
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SamplePlay
BASS_SamplePlay3D
BASS_SamplePlay3DEx
BASS_SamplePlayEx
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DAlgorithm
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetBufferLength
BASS_SetCLSID
BASS_SetEAXParameters
BASS_SetGlobalVolumes
BASS_SetLogCurves
BASS_SetNetConfig
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamGetLength
BASS_StreamGetTags
BASS_StreamPlay
BASS_StreamPreBuf
BASS_Update
_

Sections

Size: 95KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DigitElePotoDIY/config.dat
DigitElePotoDIY/libavidd-1.3.1.dll
.dll windows:4 windows x86 arch:x86

1a094a98ec878c7d536ad1d631c5e5fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
free
ceil
memmove
_ftol
floor
malloc
sprintf

kernel32

DisableThreadLibraryCalls
WaitForSingleObject
MultiByteToWideChar
CreateEventA
CloseHandle

ddraw

DirectDrawCreate

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

avidd_audio_info
avidd_audio_open
avidd_audio_read
avidd_close
avidd_video_info
avidd_video_open
avidd_video_read

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 995B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DigitElePotoDIY/libfilefmt-1.4.2.dll
.dll windows:4 windows x86 arch:x86

f66677c6a735a88250b4ecbc2a7b0dc9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

CreateBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject
SetPixel

kernel32

AddAtomA
CloseHandle
CreateFileA
CreateFileMappingA
FindAtomA
GetAtomNameA
GetFileSize
GlobalAlloc
GlobalFree
GlobalReAlloc
GlobalSize
LocalAlloc
LocalFree
MapViewOfFile
ReadFile
SetFilePointer
UnmapViewOfFile
WriteFile
lstrlenA

msvcrt

_close
_fdopen
_open
_read
_setmode
_stat
_strdup
_unlink
_write
__dllonexit
__mb_cur_max
_assert
_errno
_findclose
_findfirsti64
_iob
_isctype
_lseeki64
_open
_pclose
_pctype
_popen
_setjmp
_snprintf
_stricmp
_telli64
_tempnam
_vsnprintf
abort
acos
atan
atof
atoi
calloc
ceil
cos
cosh
exit
exp
fclose
ferror
fflush
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
ftell
fwrite
getc
getenv
gmtime
ldexp
localtime
log
longjmp
malloc
memchr
memcpy
memmove
memset
mktime
perror
printf
puts
qsort
rand
realloc
sin
sinh
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcpy
strlen
strncmp
strncpy
strrchr
strstr
strtod
strtol
strtoul
tan
tanh
time
tmpnam
tolower
toupper
ungetc
vfprintf

user32

GetFocus
MessageBoxA
wsprintfA
wvsprintfA

Exports

Exports

CloseMPEG
EGifCloseFile
EGifOpenFileName
EGifPutImageDesc
EGifPutLine
EGifPutScreenDesc
ExternErrorSet
ExternWarningSet
GetMPEGFrame
GetMPEGFrameFirst
GetMPEGFrameFirstFree
GetMPEGInfo
MOSLErrorFuncSet
OpenMPEG
ReadXpm
SeekMPEG
TIFFClose
TIFFGetField
TIFFGetFieldDefaulted
TIFFNumberOfStrips
TIFFOpen
TIFFReadEncodedStrip
TIFFReadScanline
TIFFScanlineSize
TIFFSetField
TIFFStripSize
TIFFWriteScanline
WriteXpm
bbmpeg_close
bbmpeg_create
bbmpeg_set_aspect_ratio
bbmpeg_set_bitrate
bbmpeg_write
cine_close
cine_info
cine_open
cine_read
cine_seek
ffmpeg_audio_close
ffmpeg_audio_create
ffmpeg_audio_set_bitrate
ffmpeg_audio_write
ffmpeg_video_close
ffmpeg_video_create
ffmpeg_video_set_aspect_ratio
ffmpeg_video_set_bitrate
ffmpeg_video_write_bgr24
ffmpeg_video_write_rgb24
ffmpeg_video_write_yuv420
hav_audio_get_format
hav_audio_read
hav_audio_seek
hav_audio_set_format
hav_audio_write
hav_audio_write_ex
hav_close
hav_create
hav_handle_alloc
hav_handle_free
hav_open
hav_video_get_format
hav_video_get_palette
hav_video_read
hav_video_seek
hav_video_set_format
hav_video_write
hav_video_write_ex
info_JPEG_file
mpg_audio_close
mpg_audio_info
mpg_audio_open
mpg_audio_read
mpg_audio_seek
mpg_get_type
mpg_mplex
ogg_audio_get_info
ogg_audio_read
ogg_audio_seek
ogg_audio_write
ogg_close
ogg_create
ogg_open
ogg_video_write_bgr24
png_build_grayscale_palette
png_create_info_struct
png_create_read_struct
png_create_write_struct
png_destroy_read_struct
png_destroy_write_struct
png_get_IHDR
png_get_PLTE
png_get_channels
png_get_rowbytes
png_read_end
png_read_image
png_read_info
png_read_update_info
png_set_IHDR
png_set_PLTE
png_set_bgr
png_set_compression_level
png_set_packing
png_set_read_fn
png_set_strip_16
png_set_strip_alpha
png_set_write_fn
png_sig_cmp
png_write_end
png_write_image
png_write_info
read_JPEG_file
write_JPEG_file

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 972KB - Virtual size: 971KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 354KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DigitElePotoDIY/libmcl-4.5.1.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

MclAbort
MclAssignAudioFunc
MclAssignAudioSource
MclAssignError
MclAssignProgress
MclAssignVideoFunc
MclAssignVideoSource
MclAudioGetBitRate
MclAudioGetBytesWritten
MclAudioGetCodec
MclAudioGetFileFormat
MclAudioGetFileName
MclAudioGetFormat
MclAudioGetQuality
MclAudioGetTruncateToVideo
MclAudioHasCodecDlg
MclAudioSetBitRate
MclAudioSetCodec
MclAudioSetFileFormat
MclAudioSetFileName
MclAudioSetFormat
MclAudioSetQuality
MclAudioSetTruncateToVideo
MclAudioShowCodecDlg
MclAviAddCustomInfo
MclAviClearCustomInfo
MclAviGetCustomInfo
MclBayerGetHdr
MclBayerLoad
MclBayerToImg
MclBitsToBytes
MclBytesToBits
MclClearCanvas
MclClearErrors
MclCodecsAudioCreate
MclCodecsFree
MclCodecsGetCount
MclCodecsGetInfo
MclCodecsVideoCreate
MclConvert
MclCreate
MclDIBToImg
MclEnableMPEG2
MclEnableMPEG4
MclFourCC
MclFree
MclGetElapsedTime
MclGetError
MclGetErrorStr
MclGetFileFmt
MclGetFileInfo
MclGetRemainingTime
MclGetStatus
MclGetUserData
MclImgAddAlpha
MclImgAverageAdd
MclImgAverageClear
MclImgAverageGet
MclImgBorder
MclImgBrightness
MclImgChaos
MclImgClear
MclImgContrast
MclImgCopy
MclImgCreate
MclImgCrop
MclImgDeinterlace
MclImgEdgeEnhance
MclImgFindEdges
MclImgFlipHorizontal
MclImgFlipVertical
MclImgFree
MclImgGamma
MclImgGetInfo
MclImgGetPixelRGB
MclImgGetPixels
MclImgInsert
MclImgPixelize
MclImgRedim
MclImgRemap
MclImgRemapToCustomPalette
MclImgResample
MclImgResampleToFit
MclImgResize
MclImgRotate
MclImgSaturation
MclImgSetPixels
MclImgSharpen
MclImgShow
MclImgShowInRect
MclImgSkip
MclImgSoften
MclImgSolarize
MclImgText
MclImgToDIB
MclImgToDIBWin3
MclImgTraceContour
MclImgWhiteBalance
MclListAdd
MclListCreate
MclListFree
MclListGetAudioFormat
MclListGetFileCount
MclListGetFrameCount
MclListGetFrameRate
MclListGetName
MclListGetSampleCount
MclListGetVideoFormat
MclLogExtra
MclLogStart
MclLogStop
MclMakeTimeStr
MclMpegMultiplex
MclPixelReorder
MclRGB
MclReadAlpha
MclReadClose
MclReadImage
MclReadInfo
MclReadOpen
MclReadSound
MclRegister
MclReleaseDIB
MclReleaseDIBWin3
MclSetFormatPreset
MclSetUserData
MclSimpleConvert
MclSimpleReadFirstImage
MclSimpleReadImage
MclSimpleWriteImage
MclSndCopy
MclSndCreate
MclSndFree
MclSndGetInfo
MclSndGetSamples
MclSndResample
MclSndSetSamples
MclSourceFinished
MclSourceSetDIB
MclSourceSetDirection
MclSourceSetFile
MclSourceSetFrameRate
MclSourceSetImage
MclSourceSetLen
MclSourceSetLenTime
MclSourceSetPixels
MclSourceSetSamples
MclSourceSetSound
MclSourceSetStart
MclSourceSetStartTime
MclSourceSkip
MclSplitColor
MclTextCreate
MclTextFree
MclTextGetExtents
MclTextSetColor
MclTextSetFont
MclTextShadow
MclTiffGetTag
MclTiffSet16to8bitGrayRange
MclTranslate
MclTranslateClear
MclVideoAviCodecConfigDlg
MclVideoGetAspectRatio
MclVideoGetBitRate
MclVideoGetBytesWritten
MclVideoGetCodec
MclVideoGetCodecData
MclVideoGetDithering
MclVideoGetFileFormat
MclVideoGetFileName
MclVideoGetFormat
MclVideoGetFrameRate
MclVideoGetKeepDuration
MclVideoGetKeyFrameRate
MclVideoGetQuality
MclVideoHasCodecDlg
MclVideoSetAspectRatio
MclVideoSetBitRate
MclVideoSetCodec
MclVideoSetCodecData
MclVideoSetDithering
MclVideoSetFileFormat
MclVideoSetFileName
MclVideoSetFormat
MclVideoSetFrameRate
MclVideoSetKeepDuration
MclVideoSetKeyFrameRate
MclVideoSetQuality
MclVideoShowCodecDlg
MclWriteClose
MclWriteImage
MclWriteSound

Sections

CODE
Size: 608KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 277KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DigitElePotoDIY/svchost.dll
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DigitElePotoDIY/东达软件/M0.mp3
DigitElePotoDIY/东达软件/M1.mp3
DigitElePotoDIY/东达软件/MusicInfo
DigitElePotoDIY/东达软件/P0.jpg
.jpg
DigitElePotoDIY/东达软件/P1.jpg
.jpg
DigitElePotoDIY/东达软件/P10.jpg
.jpg
DigitElePotoDIY/东达软件/P11.jpg
.jpg
DigitElePotoDIY/东达软件/P2.jpg
.jpg
DigitElePotoDIY/东达软件/P3.jpg
.jpg
DigitElePotoDIY/东达软件/P4.jpg
.jpg
DigitElePotoDIY/东达软件/P5.jpg
.jpg
DigitElePotoDIY/东达软件/P6.jpg
.jpg
DigitElePotoDIY/东达软件/P7.jpg
.jpg
DigitElePotoDIY/东达软件/P8.jpg
.jpg
DigitElePotoDIY/东达软件/P9.jpg
.jpg
DigitElePotoDIY/东达软件/PicInfo
DigitElePotoDIY/东达软件/Thumbs.db

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 1.2MB - Virtual size: 1.2MB

DATA Size: 22KB - Virtual size: 21KB

BSS Size: - Virtual size: 10KB

.idata Size: 12KB - Virtual size: 12KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 85KB - Virtual size: 85KB

.rsrc Size: 964KB - Virtual size: 964KB

Headers

File Characteristics

Sections

CODE Size: 1.2MB - Virtual size: 1.2MB

DATA Size: 22KB - Virtual size: 21KB

BSS Size: - Virtual size: 10KB

.idata Size: 12KB - Virtual size: 12KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 85KB - Virtual size: 85KB

.rsrc Size: 965KB - Virtual size: 964KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 95KB - Virtual size: 336KB

Size: 4KB - Virtual size: 3KB

1a094a98ec878c7d536ad1d631c5e5fa

Headers

File Characteristics

Imports

msvcrt

kernel32

ddraw

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 995B

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 304B

.rsrc Size: 4KB - Virtual size: 872B

f66677c6a735a88250b4ecbc2a7b0dc9

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.data Size: 972KB - Virtual size: 971KB

.bss Size: - Virtual size: 354KB

.edata Size: 3KB - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 70KB - Virtual size: 69KB

.rsrc Size: 1024B - Virtual size: 872B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 608KB - Virtual size: 607KB

DATA Size: 63KB - Virtual size: 62KB

BSS Size: - Virtual size: 277KB

.idata Size: 12KB - Virtual size: 11KB

.edata Size: 5KB - Virtual size: 5KB

.reloc Size: 32KB - Virtual size: 32KB

.rsrc Size: 64KB - Virtual size: 64KB

CODE
Size: 1.2MB - Virtual size: 1.2MB

DATA
Size: 22KB - Virtual size: 21KB

BSS
Size: - Virtual size: 10KB

.idata
Size: 12KB - Virtual size: 12KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 964KB - Virtual size: 964KB

CODE
Size: 1.2MB - Virtual size: 1.2MB

DATA
Size: 22KB - Virtual size: 21KB

BSS
Size: - Virtual size: 10KB

.idata
Size: 12KB - Virtual size: 12KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 965KB - Virtual size: 964KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 995B

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 304B

.rsrc
Size: 4KB - Virtual size: 872B

.text
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 972KB - Virtual size: 971KB

.bss
Size: - Virtual size: 354KB

.edata
Size: 3KB - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 70KB - Virtual size: 69KB

.rsrc
Size: 1024B - Virtual size: 872B

CODE
Size: 608KB - Virtual size: 607KB

DATA
Size: 63KB - Virtual size: 62KB

BSS
Size: - Virtual size: 277KB

.idata
Size: 12KB - Virtual size: 11KB

.edata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 64KB - Virtual size: 64KB

CODE
Size: 313KB - Virtual size: 313KB

DATA
Size: 6KB - Virtual size: 6KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 20KB - Virtual size: 20KB