1760e132d55bef431d91d61cf7e258fe

Sharing

Copy URL Twitter E-mail

General

Target

1760e132d55bef431d91d61cf7e258fe
Size

546KB
MD5

1760e132d55bef431d91d61cf7e258fe
SHA1

30dcab9567b9dd261545f35fb6f221b8443e42f1
SHA256

48f2172c90fafa92dde34b92f5d2fa6aabba6b05e196082e354196f8b6d17a21
SHA512

6367f3a876b638f42ea4c305c2681a27d0b550433b8b21f8ce49ffd572d865c627b936a2ea628779a3090c50d254af774760417eec3ed2f38307d61717f30d89
SSDEEP

12288:ra8ArvDfOF1yLB8PBcA8vB6Ord8O7LcbQ6AYtDK1AyuK8T237Yt:u8ArvDfa1yLiBo0MwbQ6AYtGqyu92rYt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/script.media.aggregator/bin/u8runner.exe

Files

1760e132d55bef431d91d61cf7e258fe
.zip
script.media.aggregator/LICENSE
script.media.aggregator/aceplayer.py
script.media.aggregator/addon.xml
.xml
script.media.aggregator/afteractions.py
script.media.aggregator/anidub.py
script.media.aggregator/backgrounds.py
script.media.aggregator/base.py
script.media.aggregator/bencode.py
script.media.aggregator/bin/u8runner.exe
.exe windows:6 windows x86 arch:x86

02e744d620efd5a4c4a1194e3e78d348

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer

shell32

ShellExecuteW

msvcr120

_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_except_handler4_common
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_commode
_fmode
__initenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
strstr
memmove
??0exception@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
__CxxFrameHandler3
_CxxThrowException
memcpy

msvcp120

??Bid@locale@std@@QAEIXZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_BADOFF@std@@3_JB
?_Xbad_alloc@std@@YAXXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
script.media.aggregator/bluebird.py
script.media.aggregator/changelog.txt
script.media.aggregator/complex_requests.py
script.media.aggregator/context.py
script.media.aggregator/context_get_sources.py
script.media.aggregator/context_repair.py
script.media.aggregator/context_search.py
script.media.aggregator/context_settings.py
script.media.aggregator/context_show_similar.py
script.media.aggregator/context_united_search.py
script.media.aggregator/countries.py
script.media.aggregator/dispatcher.py
script.media.aggregator/downloader.py
script.media.aggregator/elementumplayer.py
script.media.aggregator/fanart.jpg
.jpg
script.media.aggregator/filesystem.py
script.media.aggregator/hdclub.py
script.media.aggregator/icon.png
.png
script.media.aggregator/kodidb.py
script.media.aggregator/log.py
script.media.aggregator/movieapi.py
script.media.aggregator/nforeader.py
script.media.aggregator/nfowriter.py
script.media.aggregator/nnmclub.py
script.media.aggregator/player.py
script.media.aggregator/plugin.py
script.media.aggregator/resources/settings.xml
.xml
script.media.aggregator/rutor.py
script.media.aggregator/scraper.py
.py .js
script.media.aggregator/service.py
script.media.aggregator/settings.py
script.media.aggregator/soap4me.py
script.media.aggregator/socks.py
.py .js
script.media.aggregator/sources.py
script.media.aggregator/standalone.py.orig
script.media.aggregator/strmwriter.py
script.media.aggregator/torrent2httpplayer.py
script.media.aggregator/torrserverplayer.py
script.media.aggregator/tvshowapi.py
script.media.aggregator/win_inet_pton.py
script.media.aggregator/yatpplayer.py

Sharing

General

Malware Config

Signatures

Files

02e744d620efd5a4c4a1194e3e78d348

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcr120

msvcp120

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB