465b5d21602412cfcafb1779fd79ff88

Sharing

Copy URL Twitter E-mail

General

Target

465b5d21602412cfcafb1779fd79ff88
Size

671KB
MD5

465b5d21602412cfcafb1779fd79ff88
SHA1

ea138e2cdbd436b33e94a0763ad962bb0726eeb5
SHA256

5bc53a3233625e0eb321c95e2ecfd3d8aa188cb7efa4aac6fbccab63492137ac
SHA512

b2e74fdf9726ec175cdec0eae56971c6448805f4dd94ab147096964f3059dcf8f9143f6e77ba4695e9466f8f9cafcc09afaa0c1d8695eab6ff905b978d589fa2
SSDEEP

12288:kfciaCYHDpBiaa7DOibKvblH+pY2ps82LMR6PutkFKmZQgV+Cl0NFnSV:kfzaCYjiVDRU92l6u8ZQi1WFA

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DivX_6.8.4.1-snear/DivX.dll
unpack001/DivX_6.8.4.1-snear/DivXdec.ax
unpack001/DivX_6.8.4.1-snear/dpl100.dll

Files

465b5d21602412cfcafb1779fd79ff88
.rar
DivX_6.8.4.1-snear/DivX.dll
.dll windows:4 windows x86 arch:x86

38e0e7377617218f97d6699f5fb7575d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

DefDriverProc
timeEndPeriod
timeGetTime
timeGetDevCaps
timeBeginPeriod

dpl100

divXLicenseRelease
getLicenseState
divXLicenseInit
registerSerialNumber
registerGUIDSerialNumber

mfc42

ord6375
ord2302
ord2642
ord540
ord4160
ord800
ord6197
ord537
ord2370
ord2367
ord2291
ord941
ord1200
ord4123
ord6199
ord3092
ord2379
ord795
ord609
ord771
ord4259
ord496
ord567
ord1008
ord5638
ord1199
ord2116
ord6215
ord2078
ord4299
ord2882
ord2864
ord6880
ord289
ord2860
ord3874
ord5789
ord613
ord5875
ord3896
ord3721
ord4627
ord3402
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3574
ord4396
ord2575
ord3700
ord4431
ord2054
ord4439
ord5288
ord1690
ord4715
ord641
ord324
ord4234
ord4710
ord2818
ord5953
ord3597
ord4425
ord5280
ord1775
ord6052
ord4998
ord4853
ord4376
ord5265
ord2256
ord860
ord768
ord1907
ord489
ord4976
ord4258
ord4835
ord5287
ord4486
ord4377
ord4358
ord4948
ord4742
ord4905
ord5160
ord5162
ord5161
ord616
ord656
ord1147
ord2614
ord2737
ord2358
ord3089
ord6334
ord5981
ord355
ord2515
ord3499
ord3582
ord4398
ord2578
ord4218
ord2023
ord2411
ord3610
ord3699
ord790
ord4694
ord3716
ord4284
ord693
ord2301
ord319
ord4224
ord3998
ord6907
ord6905
ord3910
ord5572
ord3996
ord3640
ord3370
ord4402
ord2582
ord817
ord565
ord2086
ord3741
ord3353
ord5715
ord4699
ord5303
ord765
ord326
ord3744
ord4047
ord3698
ord4204
ord5710
ord4129
ord2298
ord2366
ord2293
ord2294
ord2362
ord2817
ord1641
ord2414
ord6646
ord470
ord755
ord2859
ord6453
ord535
ord858
ord3752
ord6128
ord3753
ord5148
ord6111
ord3663
ord3626
ord3619
ord939
ord2080
ord2113
ord2089
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3401
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord3953
ord2725
ord561
ord2514
ord2528
ord1175
ord2867
ord1168
ord815
ord6467
ord2915
ord823
ord825
ord4854

msvcrt

srand
sin
memset
__CxxFrameHandler
_CxxThrowException
__RTDynamicCast
_snwprintf
strncpy
ceil
_except_handler3
atoi
strstr
sprintf
fclose
fopen
free
malloc
_purecall
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
localeconv
strtoul
_errno
strtol
memchr
strcspn
memmove
memcpy
??0exception@@QAE@ABV0@@Z
strchr
sscanf
printf
fprintf
log
exp
fread
ftell
fseek
pow
log10
remove
strncmp
floor
fputc
fgetc
fflush
fscanf
cos
rand
time
_mbscmp
_stricmp
atof
_getdrive
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__dllonexit
_onexit
?terminate@@YAXXZ

kernel32

WaitForSingleObject
CloseHandle
CreateEventA
CreateThread
ExpandEnvironmentStringsA
GetLastError
CreateMutexA
FreeLibrary
GetProcAddress
InitializeCriticalSection
GetSystemDefaultLangID
SetEvent
GetModuleHandleA
GetFileAttributesA
GetExitCodeThread
SetThreadPriority
GetVersion
ExitThread
SetPriorityClass
GetTickCount
GetPriorityClass
LocalFree
LocalAlloc
SetProcessAffinityMask
Sleep
GetProcessAffinityMask
GetCurrentProcess
DeleteCriticalSection
GetModuleFileNameA
IsBadWritePtr
EnterCriticalSection
ResetEvent
LoadLibraryA
WaitForMultipleObjects
LeaveCriticalSection

user32

GetScrollRange
GetScrollPos
SetScrollRange
SetScrollPos
GetDC
ReleaseDC
PeekMessageA
TranslateMessage
MessageBoxA
GetWindowRect
SendMessageA
EnableWindow
SetTimer
LoadBitmapA
DispatchMessageA
GetCursorPos
ScreenToClient
GetFocus
wsprintfA
PostMessageA
RedrawWindow
ClientToScreen
PtInRect
GetDesktopWindow

gdi32

StretchDIBits
CreateFontIndirectA
ExtTextOutA
GetTextExtentPoint32A
GetObjectA
DeleteObject
SetPixel

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetFolderPathA
SHCreateDirectoryExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

msvcp60

?id@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?id@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
?uncaught_exception@std@@YA_NXZ
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
_Stold
_Stod
?id@?$ctype@D@std@@2V0locale@2@A
??_7ctype_base@std@@6B@
??_7?$ctype@D@std@@6B@
_Getctype
_Stof
?_Xran@std@@YAXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?_Id_cnt@id@locale@std@@0HA
?_Getfacet@locale@std@@QBEPBVfacet@12@I_N@Z
?_Iscloc@locale@std@@QBE_NXZ
??_7facet@locale@std@@6B@
??_7?$numpunct@D@std@@6B@
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
_Toupper
_Tolower
?_Cltab@?$ctype@D@std@@0PBFB
??_7bad_cast@std@@6B@
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JW4seekdir@ios_base@2@H@Z
?underflow@strstreambuf@std@@MAEHXZ
?pbackfail@strstreambuf@std@@MAEHH@Z
?overflow@strstreambuf@std@@MAEHH@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?copyfmt@ios_base@std@@QAEAAV12@ABV12@@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Init@ios_base@std@@IAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
??_7out_of_range@std@@6B@
??_7logic_error@std@@6B@
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?freeze@strstreambuf@std@@QAEX_N@Z
??1strstream@std@@UAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Global@_Locimp@locale@std@@0PAV123@A
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??0ostrstream@std@@QAE@PADHH@Z
?_Xlen@std@@YAXXZ
??1ostrstream@std@@UAE@XZ
??1istrstream@std@@UAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1ios_base@std@@UAE@XZ
??1strstreambuf@std@@UAE@XZ
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0_Winit@std@@QAE@XZ
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z

Exports

Exports

DriverProc
GetGuiVersion
doModalConfigure

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 45KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DivX_6.8.4.1-snear/DivX6.inf
DivX_6.8.4.1-snear/DivXdec.ax
.dll regsvr32 windows:4 windows x86 arch:x86

713c9da5a0dfa2e214e434feb484cb4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime

kernel32

lstrlenA
GetModuleHandleA
GetTickCount
MultiByteToWideChar
GetProcessAffinityMask
ReadFile
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
CreateFileA
FlushFileBuffers
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteFile
HeapSize
HeapCreate
HeapDestroy
DisableThreadLibraryCalls
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
VirtualFree
WaitForMultipleObjects
ResetEvent
SetEvent
InterlockedDecrement
InterlockedIncrement
SystemTimeToFileTime
CreateMutexA
VirtualQuery
GetLastError
GetCurrentProcessId
CreateEventA
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GetVersionExA
GetProcAddress
LoadLibraryA
FreeLibrary
Sleep
CreateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetExitCodeThread
SetProcessAffinityMask
WriteConsoleW
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetProcessHeap
GetCommandLineA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
RtlUnwind
TerminateProcess
UnhandledExceptionFilter

user32

GetWindowRect
GetWindowLongA
SetDlgItemTextA
GetDlgItem
SetCursor
LoadCursorA
SetClassLongA
ShowWindow
DestroyWindow
GetDesktopWindow
LoadStringW
LoadStringA
MoveWindow
CreateDialogParamA
InvalidateRect
SetWindowLongA
DefWindowProcA

gdi32

SetTextAlign
SetTextColor
TextOutA

advapi32

RegCreateKeyA
RegSetValueA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
StringFromGUID2
CoTaskMemAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 412KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DivX_6.8.4.1-snear/ReadMe.txt
DivX_6.8.4.1-snear/dpl100.dll
.dll windows:4 windows x86 arch:x86

e1ee254df3df58940db139521fda4434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcp60

?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

msvcrt

free
??1type_info@@UAE@XZ
_initterm
malloc
_adjust_fdiv
strncpy
toupper
strncmp
__RTDynamicCast
time
wcslen
memmove
??2@YAPAXI@Z
_purecall
__CxxFrameHandler

kernel32

DisableThreadLibraryCalls
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle

advapi32

RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

Exports

Exports

divXLicenseInit
divXLicenseRelease
getLicenseState
getRemainingTrialLength
isValidSerialNumber
registerGUIDSerialNumber
registerSerialNumber

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DivX_6.8.4.1-snear/新云软件.url
.url
DivX_6.8.4.1-snear/汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

38e0e7377617218f97d6699f5fb7575d

Headers

File Characteristics

Imports

winmm

dpl100

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

msvcp60

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 47KB - Virtual size: 48KB

.idata Size: 99KB - Virtual size: 100KB

.data Size: 101KB - Virtual size: 172KB

.data1 Size: 197KB - Virtual size: 200KB

.rsrc Size: 197KB - Virtual size: 196KB

.reloc Size: 45KB - Virtual size: 64KB

.edata Size: 512B - Virtual size: 4KB

713c9da5a0dfa2e214e434feb484cb4d

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 412KB - Virtual size: 408KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 76KB - Virtual size: 136KB

.data1 Size: 4KB - Virtual size: 164B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 19KB

e1ee254df3df58940db139521fda4434

Headers

File Characteristics

Imports

msvcp60

msvcrt

kernel32

advapi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 47KB - Virtual size: 48KB

.idata
Size: 99KB - Virtual size: 100KB

.data
Size: 101KB - Virtual size: 172KB

.data1
Size: 197KB - Virtual size: 200KB

.rsrc
Size: 197KB - Virtual size: 196KB

.reloc
Size: 45KB - Virtual size: 64KB

.edata
Size: 512B - Virtual size: 4KB

.text
Size: 412KB - Virtual size: 408KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 76KB - Virtual size: 136KB

.data1
Size: 4KB - Virtual size: 164B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 8KB - Virtual size: 6KB