124ef7cab0e1d833325a24700a48bba6

Sharing

Copy URL Twitter E-mail

General

Target

124ef7cab0e1d833325a24700a48bba6
Size

2.0MB
MD5

124ef7cab0e1d833325a24700a48bba6
SHA1

e7187246960387425e7086c9adde261006e8e33b
SHA256

3cce6c199f6f52a66611b5fc596b6fe381a4cbaf3da6d65a9cbc280f42fe7cf6
SHA512

9bbd2aef679ecd2e51c20123bdd605e25a826445dc3971e317a595dd8ed19f176059d2d3f9ec34bc0700b0afdb5c5748e785834f1d3722d28eb66627c2f817b1
SSDEEP

49152:M9fEXSD1uAhiifAtonsolPO5VMiCb2y+2+FBmdgw:LiD1/iNonTSVMiCb212+FBmdgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MACDll.dll
unpack001/ShellEx.dll
unpack001/atl.dll
unpack001/avcodec.dll
unpack001/avformat.dll
unpack001/全能音频转换通.exe

Files

124ef7cab0e1d833325a24700a48bba6
.rar
Help/help.chm
.chm
MACDll.dll
.dll windows:4 windows x86 arch:x86

e2c74ffadae0d70ecf4b14291e53bc3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
LoadLibraryA
FreeLibrary
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetLastError
SetLastError
FlushFileBuffers
GetSystemInfo
CloseHandle
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
Sleep
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RaiseException
HeapFree
HeapAlloc
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
InitializeCriticalSection
HeapSize
VirtualQuery
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect

user32

MessageBoxA
EndDialog
GetDlgItem
TranslateMessage

Exports

Exports

CompressFile
ConvertFile
DecompressFile
FillWaveFormatEx
FillWaveHeader
GetID3Tag
GetInterfaceCompatibility
GetVersionNumber
RemoveTag
ShowFileInfoDialog
TagFileSimple
VerifyFile
_c_APEDecompress_CreateW@8
c_APECompress_AddData
c_APECompress_Create
c_APECompress_Destroy
c_APECompress_Finish
c_APECompress_GetBufferBytesAvailable
c_APECompress_Kill
c_APECompress_LockBuffer
c_APECompress_Start
c_APECompress_UnlockBuffer
c_APEDecompress_Create
c_APEDecompress_Destroy
c_APEDecompress_GetData
c_APEDecompress_GetInfo
c_APEDecompress_Seek

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ShellEx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d5374122ee4aeaf9b1872e6a92c0937d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalUnlock
lstrcpynA
lstrcpynW
GlobalLock
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
GetVersion
lstrlenA
LeaveCriticalSection
lstrlenW
EnterCriticalSection
GetModuleFileNameA
HeapReAlloc
WideCharToMultiByte
GetEnvironmentStrings
GetFileType
GetStartupInfoA
RtlUnwind
GetCommandLineA
HeapFree
RaiseException
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
DisableThreadLibraryCalls
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
GetOEMCP
GetStringTypeW
IsBadCodePtr
GetCPInfo
GetACP
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA

user32

LoadBitmapA
InsertMenuA
SetMenuItemBitmaps

advapi32

RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

DragQueryFileA
ShellExecuteA

ole32

ReleaseStgMedium

oleaut32

SysFreeString
LoadRegTypeLi
SysStringLen

atl

ord21
ord30
ord58
ord18
ord57
ord15
ord23
ord16
ord32

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
atl.dll
.dll regsvr32 windows:5 windows x86 arch:x86

6bfedd40b55eb30555a20a996e076ef2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
realloc
_purecall
free
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z

kernel32

WaitForSingleObject
WideCharToMultiByte
lstrlenW
lstrcpyW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatW
GetModuleFileNameW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GetShortPathNameW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalAlloc
DisableThreadLibraryCalls
GetVersionExA
MultiByteToWideChar
lstrlenA
SizeofResource
GetACP
FindResourceW
GetLastError
LoadLibraryExW
lstrcmpiW
lstrcpynW
lstrcmpW
FlushInstructionCache
GetCurrentProcess
CloseHandle
ReadFile
GetFileSize
CreateFileW
SetLastError
GlobalUnlock
GlobalLock
FreeResource
GlobalFree
GlobalHandle
LockResource
FindResourceA
InterlockedCompareExchange
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
HeapAlloc
DelayLoadFailureHook
VirtualAlloc
LoadResource
VirtualFree

user32

TranslateMessage
MsgWaitForMultipleObjects
CharNextW
RegisterClassExW
wsprintfW
LoadCursorW
GetClassInfoExW
ReleaseDC
GetDC
SendMessageW
LoadStringW
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
UnregisterClassW
MessageBoxA
DefWindowProcW
GetSysColor
GetDesktopWindow
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
CallWindowProcW
SetWindowLongW
GetWindowLongW
SetFocus
GetWindow
IsChild
GetFocus
EndPaint
FillRect
GetClientRect
BeginPaint
GetDlgItem
SetWindowPos
IsWindow
RedrawWindow
GetClassNameW
GetParent
DestroyWindow
CreateAcceleratorTableW
CreateWindowExW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
DialogBoxIndirectParamW
DialogBoxIndirectParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
DispatchMessageW
PeekMessageW

gdi32

GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
CreateDCW

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlMarshalPtrInProc
AtlModuleAddCreateWndData
AtlModuleAddTermFunc
AtlModuleExtractCreateWndData
AtlModuleGetClassObject
AtlModuleInit
AtlModuleLoadTypeLib
AtlModuleRegisterClassObjects
AtlModuleRegisterServer
AtlModuleRegisterTypeLib
AtlModuleRegisterWndClassInfoA
AtlModuleRegisterWndClassInfoW
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlModuleUnRegisterTypeLib
AtlModuleUnregisterServer
AtlModuleUnregisterServerEx
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlUnadvise
AtlUnmarshalPtr
AtlWaitWithMessageLoop
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcodec.dll
.dll windows:4 windows x86 arch:x86

39366307cc3488140d327e2a46c64b8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateSemaphoreA
FindAtomA
GetAtomNameA
ReleaseSemaphore
WaitForSingleObject

msvcrt

__dllonexit
_assert
_beginthreadex
_errno
_iob
_snprintf
_vsnprintf
abort
acos
atan
atof
atoi
calloc
ceil
cos
cosh
exit
exp
fclose
fflush
floor
fopen
fprintf
fread
free
frexp
fscanf
fseek
ftell
fwrite
ldexp
log
log10
malloc
memcpy
memmove
memset
perror
pow
printf
putchar
qsort
realloc
sin
sinh
sprintf
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strlen
strncpy
strtod
strtol
tan
tanh
tolower
toupper
vfprintf

Exports

Exports

ABR_iteration_loop
ATHformula
ATHformula_GB
AddVbrFrame
AnalyzeSamples
BitrateIndex
CRC_update_lookup
CRC_writeheader
CheckVbrTag
DCT_common_init
DCtab_chrom
DCtab_lum
FindNearestBitrate
GetAlbumGain
GetTitleGain
GetVbrTag
InitGainAnalysis
InitVbrTag
L3psycho_anal
L3psycho_anal_ns
MP3lame_encode_close
MP3lame_encode_frame
MPV_common_end
MPV_common_init
MPV_common_init_mmx
MPV_decode_defaults
MPV_decode_mb
MPV_encode_end
MPV_encode_init
MPV_encode_picture
MPV_frame_end
MPV_frame_start
PutLameVBR
PutVbrTag
ResetSampleFrequency
ResvAdjust
ResvFrameBegin
ResvFrameEnd
ResvMaxBits
SmpFrqIndex
UpdateMusicCRC
VBR_iteration_loop
VBR_noise_shaping
_analysis_output
_analysis_output_always
_best
_book_maptype1_quantvals
_book_unquantize
_float32_pack
_float32_unpack
_floor_P
_ilog
_make_words
_mapping_P
_residue_P
_ve_envelope_clear
_ve_envelope_init
_ve_envelope_mark
_ve_envelope_search
_ve_envelope_shift
_vi_gpsy_free
_vi_psy_free
_vorbis_apply_window
_vorbis_block_alloc
_vorbis_block_ripcord
_vorbis_window_get
_vp_ampmax_decay
_vp_couple
_vp_global_free
_vp_global_look
_vp_noise_normalize
_vp_noise_normalize_sort
_vp_noisemask
_vp_offset_and_mix
_vp_psy_clear
_vp_psy_init
_vp_quantize_couple_memo
_vp_quantize_couple_sort
_vp_remove_floor
_vp_tonemask
a52_bit_allocate
a52_bitstream_get_bh
a52_bitstream_get_bh_2
a52_bitstream_set_ptr
a52_block
a52_crc16_block
a52_downmix
a52_downmix_coeff
a52_downmix_init
a52_dynrng
a52_frame
a52_free
a52_imdct_256
a52_imdct_512
a52_imdct_init
a52_init
a52_resample
a52_resample_init
a52_samples
a52_syncinfo
a52_upmix
ac3_common_init
ac3_decoder
ac3_encoder
ac3_parametric_bit_allocation
ac3_parser
add_dummy_byte
add_pixels_clamped_mmx
adj43asm
adpcm_4xm_decoder
adpcm_4xm_encoder
adpcm_adx_decoder
adpcm_adx_encoder
adpcm_ct_decoder
adpcm_ct_encoder
adpcm_ea_decoder
adpcm_ea_encoder
adpcm_g726_decoder
adpcm_g726_encoder
adpcm_ima_dk3_decoder
adpcm_ima_dk3_encoder
adpcm_ima_dk4_decoder
adpcm_ima_dk4_encoder
adpcm_ima_qt_decoder
adpcm_ima_qt_encoder
adpcm_ima_smjpeg_decoder
adpcm_ima_smjpeg_encoder
adpcm_ima_wav_decoder
adpcm_ima_wav_encoder
adpcm_ima_ws_decoder
adpcm_ima_ws_encoder
adpcm_ms_decoder
adpcm_ms_encoder
adpcm_xa_decoder
adpcm_xa_encoder
adx_adpcm_decoder
adx_adpcm_encoder
align_get_bits
align_put_bits
alloc_bitplane
alloc_tables
analysis_noisy
apply_abr_preset
apply_preset
asv1_decoder
asv1_encoder
asv2_decoder
asv2_encoder
athAdjust
audio_resample
audio_resample_close
audio_resample_init
av_add_i
av_add_q
av_build_filter
av_cmp_i
av_d2q
av_div_i
av_div_q
av_fast_realloc
av_first_parser
av_free
av_free_static
av_freep
av_get_pict_type_char
av_i2int
av_int2i
av_log
av_log2_i
av_log_get_level
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_mallocz_static
av_mod_i
av_mul_i
av_mul_q
av_parser_close
av_parser_init
av_parser_parse
av_realloc
av_realloc_static
av_reduce
av_register_codec_parser
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_rescale
av_rescale_rnd
av_shr_i
av_strdup
av_sub_i
av_sub_q
av_vlog
avcodec_align_dimensions
avcodec_alloc_context
avcodec_alloc_frame
avcodec_build
avcodec_check_dimensions
avcodec_close
avcodec_decode_audio
avcodec_decode_video
avcodec_default_execute
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_frame_defaults
avcodec_get_pix_fmt
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_init
avcodec_open
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avcodec_thread_execute
avcodec_thread_free
avcodec_thread_init
avcodec_version
avoption_parse
avoptions_common
avoptions_workaround_bug
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
band_size_long
band_size_short
bessel
best_huffman_divide
best_scalefac_store
bin_search_StepSize
bitrate_table
calc_noise
calc_scalefac
calc_xmin
cbpc_b_tab
cbpy_tab
checkScalefactor
check_marker
ci_table
cinepak_decoder
cljr_decoder
compute_flushbits
compute_scalefacs_long
compute_scalefacs_long_lsf
compute_scalefacs_short
copy_buffer
count_bit_ESC
count_bits
crc16_lookup
cropTbl
cyuv_decoder
decode_luma_intra_block
disable_FPE
draw_edges
drft_backward
drft_clear
drft_forward
drft_init
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
dvvideo_decoder
dvvideo_encoder
eightbps_decoder
fast_log2
fdct_ifast
fdct_ifast248
fdct_r_row_sse2
ff_aic_dc_scale_table
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_block_permute
ff_build_rac_states
ff_clean_h263_qscales
ff_clean_intra_table_entries
ff_clean_mpeg4_qscales
ff_combine_frame
ff_copy_bits
ff_draw_horiz_band
ff_emulated_edge_mc
ff_epzs_motion_search
ff_er_add_slice
ff_er_frame_end
ff_er_frame_start
ff_estimate_b_frame_motion
ff_estimate_p_frame_motion
ff_eval
ff_faandct
ff_faandct248
ff_fdct248_islow
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fft_calc_c
ff_fft_end
ff_fft_init
ff_fft_permute
ff_find_unused_picture
ff_fix_long_mvs
ff_fix_long_p_mvs
ff_flv_encode_picture_header
ff_gcd
ff_get_best_fcode
ff_get_mb_score
ff_golomb_vlc_len
ff_h261_encode_init
ff_h261_encode_mb
ff_h261_encode_picture_header
ff_h261_loop_filter
ff_h261_reorder_mb_index
ff_h263_chroma_qscale_table
ff_h263_decode_end
ff_h263_decode_frame
ff_h263_decode_init
ff_h263_decode_mb
ff_h263_decode_mba
ff_h263_encode_mba
ff_h263_encode_motion
ff_h263_get_gob_height
ff_h263_loop_filter
ff_h263_loop_filter_strength
ff_h263_resync
ff_h263_round_chroma
ff_h263_update_motion_val
ff_h264_idct_add_c
ff_h264_lowres_idct_add_c
ff_h264_lowres_idct_put_c
ff_h264_lps_range
ff_h264_lps_state
ff_h264_mps_state
ff_h264_norm_shift
ff_imdct_calc
ff_init_block_index
ff_init_cabac_decoder
ff_init_cabac_encoder
ff_init_cabac_states
ff_init_me
ff_init_range_decoder
ff_init_range_encoder
ff_init_scantable
ff_interleaved_golomb_vlc_len
ff_interleaved_se_golomb_vlc_code
ff_interleaved_ue_golomb_vlc_code
ff_jpeg_fdct_islow
ff_log2_tab
ff_mba_length
ff_mba_max
ff_mdct_calc
ff_mdct_end
ff_mdct_init
ff_mjpeg_stuffing
ff_mmx_idct
ff_mmxext_idct
ff_mpa_synth_filter
ff_mpa_synth_init
ff_mpeg1_clean_buffers
ff_mpeg1_dc_scale_table
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg1_encode_init
ff_mpeg1_encode_slice_header
ff_mpeg1_find_frame_end
ff_mpeg4_c_dc_scale_table
ff_mpeg4_clean_buffers
ff_mpeg4_decode_mb
ff_mpeg4_decode_partitions
ff_mpeg4_decode_picture_header
ff_mpeg4_default_intra_matrix
ff_mpeg4_default_non_intra_matrix
ff_mpeg4_encode_video_packet_header
ff_mpeg4_find_frame_end
ff_mpeg4_get_video_packet_prefix_length
ff_mpeg4_init_partitions
ff_mpeg4_merge_partitions
ff_mpeg4_resync_prefix
ff_mpeg4_set_direct_mv
ff_mpeg4_stuffing
ff_mpeg4_y_dc_scale_table
ff_mpeg_flush
ff_msmpeg4_decode_init
ff_msmpeg4_encode_init
ff_mspel_motion
ff_parse_close
ff_pre_estimate_p_frame_motion
ff_print_debug_info
ff_put_no_rnd_qpel16_mc11_old_c
ff_put_no_rnd_qpel16_mc12_old_c
ff_put_no_rnd_qpel16_mc13_old_c
ff_put_no_rnd_qpel16_mc31_old_c
ff_put_no_rnd_qpel16_mc32_old_c
ff_put_no_rnd_qpel16_mc33_old_c
ff_put_no_rnd_qpel8_mc11_old_c
ff_put_no_rnd_qpel8_mc12_old_c
ff_put_no_rnd_qpel8_mc13_old_c
ff_put_no_rnd_qpel8_mc31_old_c
ff_put_no_rnd_qpel8_mc32_old_c
ff_put_no_rnd_qpel8_mc33_old_c
ff_put_qpel16_mc11_old_c
ff_put_qpel16_mc12_old_c
ff_put_qpel16_mc13_old_c
ff_put_qpel16_mc31_old_c
ff_put_qpel16_mc32_old_c
ff_put_qpel16_mc33_old_c
ff_put_qpel8_mc11_old_c
ff_put_qpel8_mc12_old_c
ff_put_qpel8_mc13_old_c
ff_put_qpel8_mc31_old_c
ff_put_qpel8_mc32_old_c
ff_put_qpel8_mc33_old_c
ff_rac_terminate
ff_rate_control_init
ff_rate_control_uninit
ff_rate_estimate_qscale
ff_se_golomb_vlc_code
ff_set_cmp
ff_set_mpeg4_time
ff_set_qscale
ff_simple_idct_add_mmx
ff_simple_idct_mmx
ff_simple_idct_put_mmx
ff_spatial_dwt
ff_spatial_idwt
ff_sqrt_tab
ff_table0_dc_chroma
ff_table0_dc_lum
ff_table1_dc_chroma
ff_table1_dc_lum
ff_ue_golomb_len
ff_ue_golomb_vlc_code
ff_update_duplicate_context
ff_vbv_update
ff_wmv2_add_mb
ff_wmv2_decode_picture_header
ff_wmv2_decode_secondary_picture_header
ff_wmv2_encode_mb
ff_wmv2_encode_picture_header
ff_write_pass1_stats
ff_write_quant_matrix
ff_yuv420p_list
ff_zigzag248_direct
ff_zigzag_direct
fft_long
fft_short
ffv1_decoder
ffv1_encoder
ffvhuff_decoder
ffvhuff_encoder
fill_buffer
fill_buffer_resample
find_lowest_scalefac
find_scalefac_ISO
find_scalefac_ave_ISO
find_scalefac_ave_x34
find_scalefac_mq_ISO
find_scalefac_mq_x34
find_scalefac_x34
first_avcodec
flac_decoder
flic_decoder
floor0_exportbundle
floor1_encode
floor1_exportbundle
floor1_fit
floor1_interpolate_fit
flush_bitstream
flv_decoder
flv_encoder
flv_h263_decode_picture_header

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 506KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avformat.dll
.dll windows:4 windows x86 arch:x86

83ded2d779b1e2bd86ac6c59316e5476

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_close
_lseek
_read
_setmode
_write
__dllonexit
__mb_cur_max
_errno
_ftime
_iob
_isctype
_lseeki64
_open
_pctype
_snprintf
_stricmp
_vsnprintf
abort
atoi
calloc
fclose
fflush
floor
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
gmtime
localtime
malloc
memchr
memcpy
memmove
memset
mktime
printf
puts
realloc
sscanf
strchr
strcmp
strcpy
strlen
strncpy
strrchr
strtod
strtol
strtoul
time
toupper

avcodec

_analysis_output_always
av_fast_realloc
av_free
av_freep
av_log
av_malloc
av_mallocz
av_parser_close
av_parser_init
av_parser_parse
av_realloc
av_reduce
av_rescale
av_rescale_rnd
av_strdup
avcodec_alloc_context
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio
avcodec_decode_video
avcodec_encode_video
avcodec_find_decoder
avcodec_find_encoder
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_init
avcodec_open
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_string
avpicture_fill
avpicture_get_size
ff_gcd
mjpeg_decoder
mjpeg_encoder
vorbis_block_clear
vorbis_block_init
vorbis_comment_clear
vorbis_comment_init
vorbis_dsp_clear
vorbis_info_blocksize
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_halfrate
vorbis_synthesis_halfrate_p
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_lapout
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_restart
vorbis_synthesis_trackonly
vorbis_window
mjpeg_decoder
mjpeg_encoder

Exports

Exports

__dynarray_add
ac3_iformat
ac3_oformat
asf_init
asf_oformat
asf_stream_oformat
au_init
av_add_index_entry
av_alloc_format_context
av_close_input_file
av_destruct_packet_nofree
av_dup_packet
av_find_default_stream_index
av_find_input_format
av_find_stream_info
av_frac_add
av_frac_init
av_frac_set
av_gettime
av_guess_codec
av_guess_image2_codec
av_hex_dump
av_index_search_timestamp
av_interleaved_write_frame
av_new_packet
av_new_stream
av_open_input_file
av_open_input_stream
av_pkt_dump
av_probe_image_format
av_probe_input_format
av_read_frame
av_read_image
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_image_format
av_register_input_format
av_register_output_format
av_seek_frame
av_seek_frame_binary
av_set_parameters
av_set_pts_info
av_write_frame
av_write_header
av_write_image
av_write_trailer
avidec_init
avienc_init
brktimegm
codec_bmp_tags
codec_get_bmp_id
codec_get_bmp_tag
codec_get_id
codec_get_tag
codec_get_wav_id
codec_get_wav_tag
codec_movaudio_tags
codec_movvideo_tags
codec_wav_tags
crc_init
dts_iformat
dump_format
dv_assemble_frame
dv_delete_mux
dv_flush_audio_packets
dv_get_packet
dv_init_demux
dv_init_mux
dv_produce_packet
ea_init
end_tag
ff_dv_init
ff_qt_default_palette_16
ff_qt_default_palette_256
ff_qt_default_palette_4
ff_wav_init
ffm_init
ffm_nopts
ffm_read_write_index
ffm_set_write_index
ffm_write_write_index
fifo_free
fifo_init
fifo_read
fifo_realloc
fifo_size
fifo_write
file_protocol
filename_number_test
film_init
find_info_tag
first_iformat
first_image_format
first_oformat
first_protocol
flic_init
flv_iformat
flvdec_init
flvenc_init
fourxm_init
frame_hook_add
frame_hook_process
frame_hook_release
get_be16
get_be24
get_be32
get_be64
get_be64_double
get_buffer
get_byte
get_checksum
get_frame_filename
get_le16
get_le32
get_le64
get_partial_buffer
get_strz
get_wav_header
gif_iformat
gif_image_format
gif_init
gif_write
guess_format
guess_image_format
guess_stream_format
h261_iformat
h261_oformat
h263_iformat
h263_oformat
h264_iformat
h264_oformat
idcin_init
img2_init
img_init
init_checksum
init_put_byte
ipmovie_init
jpeg_image_format
jpeg_init
localtime_r
loop_input
m4v_iformat
m4v_oformat
match_ext
matroska_init
mjpeg_iformat
mjpeg_oformat
mktimegm
mov_init
mov_write_ftyp_tag
mov_write_mdat_tag
movenc_init
mp2_oformat
mp3_iformat
mp3_init
mp3_oformat
mpeg1video_oformat
mpeg2video_oformat
mpegps_demux
mpegps_init
mpegts_close_filter
mpegts_crc32
mpegts_demux
mpegts_init
mpegts_mux
mpegts_open_pes_filter
mpegts_open_section_filter
mpegts_parse_close
mpegts_parse_open
mpegts_parse_packet
mpegts_scan_pat
mpegts_scan_sdt
mpegts_set_service
mpegts_write_section
mpegts_write_section1
mpegvideo_iformat
nsvdec_init
null_oformat
nut_init
ogg_init
ogg_packet_clear
ogg_page_bos
ogg_page_checksum_set
ogg_page_continued
ogg_page_eos
ogg_page_granulepos
ogg_page_packets
ogg_page_pageno
ogg_page_serialno
ogg_page_version
ogg_stream_clear
ogg_stream_destroy
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_packetpeek
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_stream_reset_serialno
ogg_sync_buffer
ogg_sync_clear
ogg_sync_destroy
ogg_sync_init
ogg_sync_pageout
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
oggvorbis_read_info
ov_bitrate
ov_bitrate_instant
ov_clear
ov_comment
ov_crosslap
ov_halfrate
ov_halfrate_p
ov_info
ov_open
ov_open_callbacks
ov_pcm_seek
ov_pcm_seek_lap
ov_pcm_seek_page
ov_pcm_seek_page_lap
ov_pcm_tell
ov_pcm_total
ov_raw_seek
ov_raw_seek_lap
ov_raw_tell
ov_raw_total
ov_read
ov_read_float
ov_seekable
ov_serialnumber
ov_streams
ov_test
ov_test_callbacks
ov_test_open
ov_time_seek
ov_time_seek_lap
ov_time_seek_page
ov_time_seek_page_lap
ov_time_tell
ov_time_total
pam_image_format
parse_date
parse_frame_rate
parse_image_size
pbm_image_format
pcm_alaw_iformat
pcm_alaw_oformat
pcm_mulaw_iformat
pcm_mulaw_oformat
pcm_read_seek
pcm_s16be_iformat
pcm_s16be_oformat
pcm_s16le_iformat
pcm_s16le_oformat
pcm_s8_iformat
pcm_s8_oformat
pcm_u16be_iformat
pcm_u16be_oformat
pcm_u16le_iformat
pcm_u16le_oformat
pcm_u8_iformat
pcm_u8_oformat
pgm_image_format
pgmyuv_image_format
pipe_protocol
pnm_image_format
ppm_image_format
pstrcat
pstrcpy
put_be16
put_be32
put_be64
put_be64_double
put_bmp_header
put_buffer
put_byte
put_fifo
put_flush_packet
put_le16
put_le32
put_le64
put_strz
put_tag
put_wav_header
raw_init
rawvideo_iformat
rawvideo_oformat
register_protocol
rm_init
roq_init
set_service_cb
sgi_image_format
small_strptime
sol_init
start_tag
str_init
stristart
strstart
swf_init
update_adler32
url_close
url_close_buf
url_close_dyn_buf
url_exist
url_fclose
url_fdopen
url_feof
url_ferror
url_fget_max_packet_size
url_fgetc
url_fgets
url_fileno
url_filesize
url_fopen
url_fprintf
url_fseek
url_fskip
url_ftell
url_get_filename
url_get_max_packet_size
url_interrupt_cb
url_open
url_open_buf
url_open_dyn_buf
url_open_dyn_packet_buf
url_read
url_seek
url_set_interrupt_cb
url_setbufsize
url_split
url_write
vmd_init
wav_codec_get_id
wc3_init
westwood_init
yuv4mpeg_init
yuv4mpegpipe_iformat
yuv4mpegpipe_oformat
yuv_image_format

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot
全能音频转换通.exe
.exe windows:4 windows x86 arch:x86

bb01a0fc3b776b726f021c130629577a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess
VirtualAlloc
VirtualFree
GetModuleHandleA

user32

MessageBoxA

Sections

�0
Size: - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�p
Size: - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2c74ffadae0d70ecf4b14291e53bc3e

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 9KB

d5374122ee4aeaf9b1872e6a92c0937d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

6bfedd40b55eb30555a20a996e076ef2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 1024B - Virtual size: 832B

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 2KB

39366307cc3488140d327e2a46c64b8d

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.data Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 338KB - Virtual size: 338KB

.bss Size: - Virtual size: 506KB

.edata Size: 33KB - Virtual size: 32KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 58KB - Virtual size: 57KB

83ded2d779b1e2bd86ac6c59316e5476

Headers

File Characteristics

Imports

kernel32

msvcrt

avcodec

Exports

Exports

Sections

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 1024B - Virtual size: 832B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 338KB - Virtual size: 338KB

.bss
Size: - Virtual size: 506KB

.edata
Size: 33KB - Virtual size: 32KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 58KB - Virtual size: 57KB

.text
Size: 295KB - Virtual size: 295KB

.data
Size: 9KB - Virtual size: 9KB

.rdata
Size: 32KB - Virtual size: 31KB

.bss
Size: - Virtual size: 272B

.edata
Size: 8KB - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 5KB

�0
Size: - Virtual size: 586KB

�p
Size: - Virtual size: 91KB

��
Size: - Virtual size: 124KB