C:\vmagent_new\bin\joblist\776906\src\c\channel_packet_lite\build_sln\MediaEditor\Release\MediaEditor.pdb
Static task
static1
Behavioral task
behavioral1
Sample
67cb843acde036530ff842d6440b5fced53531424173af56ed1eaad34fc7f7af.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
67cb843acde036530ff842d6440b5fced53531424173af56ed1eaad34fc7f7af.exe
Resource
win10v2004-20231215-en
General
-
Target
67cb843acde036530ff842d6440b5fced53531424173af56ed1eaad34fc7f7af
-
Size
11.0MB
-
MD5
e05d9857bcfa17c4156a970749042748
-
SHA1
600368852df042d1ddfd732872f0cf39778430f4
-
SHA256
67cb843acde036530ff842d6440b5fced53531424173af56ed1eaad34fc7f7af
-
SHA512
f8de050f88cf5fa4121020c068ee790881d5c574fa3042ce73739b557027a74fd00dfbcdef5440a0ea7947a721adb6fdafad9bd599023b4247bb73f1bd0e2e09
-
SSDEEP
196608:Vp0KyWpQu5qM7S2klpUKc2PTwrqdPG1fdKOq/Ak:H0KyMQeVXkl6Kc2PTwrqdPG1fdKOq/l
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the sample matched, meaning the file carries no code signature.
resource 67cb843acde036530ff842d6440b5fced53531424173af56ed1eaad34fc7f7af
Files
-
67cb843acde036530ff842d6440b5fced53531424173af56ed1eaad34fc7f7af.exe windows:5 windows x64 arch:x64
d56ee0071aaa48e80f8aae220fb5635e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
utilsrv
black_video_detect
util_srv_uninit
mlt_audioplayer_exit
mlt_audioplayer_init
mltIsGifAnimation
mltMateralConversion
mlt_audioplayer_getinfo
mlt_audioplayer_stop
mlt_audioplayer_play
mlt_audioplayer_getstatus
libmltwrapper
MLT_ClearAll
MLT_ClearProducerResource
MLT_ClipGetFrame
MLT_ClipGetFrameImage
MLT_ClipGetInfo
MLT_ClipPause
MLT_ClipPlay
MLT_ClipRelease
MLT_ClipRemoveFilter
MLT_ClipRemoveTransition
MLT_ClipSeek
MLT_ClipSetFilter
MLT_ClipSetInAndOut
MLT_ClipSetTransition
MLT_DeleteClip
MLT_EnableBlur
MLT_Environment_Set
MLT_FinalTimeLineUpdate
MLT_Init
MLT_IsExifFile
MLT_KeylightExport
MLT_LutPreviewFrame
MLT_NewClip
MLT_ReBuildClipTransition
MLT_SetEncoder
MLT_SetMode
MLT_SetProfile
MLT_Stop
MLT_TimeLineAddAudio
MLT_TimeLineChange
MLT_TimeLineExport
MLT_TimeLineGetFrame
MLT_TimeLineGetInfo
MLT_TimeLineInsertClip
MLT_TimeLinePause
MLT_TimeLinePlay
MLT_TimeLinePlaySpeed
MLT_TimeLineRemoveAudio
MLT_TimeLineRemoveClip
MLT_TimeLineSeek
MLT_TimeLineUpdateAudio
MLT_TrackAddAudio
MLT_TrackClipChangeTrack
MLT_TrackClipCopy
MLT_TrackClipGetVolume
MLT_TrackClipGetWave
MLT_TrackClipHasAudio
MLT_TrackClipMove
MLT_TrackClipSetInAndOut
MLT_TrackClipSpeed
MLT_TrackClipSplit
MLT_TrackClipVolume
MLT_TrackGetClipInfo
MLT_TrackRemoveAudio
MLT_TrackRemoveFilter
MLT_TrackSetFilter
MLT_TrackVideoSeparateAudio
MLT_TrackVolume
MLT_UnInit
wininet
InternetSetOptionW
InternetCrackUrlW
InternetConnectW
InternetQueryOptionW
HttpOpenRequestW
HttpAddRequestHeadersA
HttpQueryInfoW
HttpSendRequestW
HttpQueryInfoA
InternetErrorDlg
InternetReadFileExA
InternetWriteFile
InternetSetOptionA
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
FtpOpenFileW
FtpCommandW
InternetCloseHandle
InternetOpenW
HttpAddRequestHeadersW
InternetOpenUrlW
FtpGetFileSize
HttpSendRequestExW
HttpEndRequestW
InternetReadFile
d3d9
Direct3DCreate9
libcurl
curl_easy_reset
curl_global_init
curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_formadd
curl_formfree
curl_easy_getinfo
curl_mime_init
curl_mime_free
curl_mime_addpart
curl_mime_name
curl_mime_data
curl_mime_filedata
curl_global_cleanup
ws2_32
inet_ntoa
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
winmm
timeGetTime
timeEndPeriod
timeBeginPeriod
kernel32
GetStringTypeW
RtlPcToFileHeader
EncodePointer
WaitForSingleObjectEx
GetExitCodeThread
GetCPInfo
LCMapStringW
GetLocaleInfoW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
GetThreadPriority
GetLogicalProcessorInformation
DecodePointer
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FreeResource
LockResource
FreeLibrary
GetProcAddress
GetCurrentProcess
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
Sleep
LoadResource
SizeofResource
DeviceIoControl
CloseHandle
LoadLibraryExW
GetModuleHandleW
FindResourceW
FindResourceExW
GetSystemWindowsDirectoryW
CreateFileW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
TerminateProcess
WaitForSingleObject
GetModuleFileNameW
InitializeCriticalSection
WriteFile
DeleteFileW
MoveFileW
GetCurrentThreadId
SetThreadPriority
ResumeThread
SetEvent
CreateEventW
VirtualAlloc
VirtualFree
VirtualQuery
CreateTimerQueueTimer
WriteProcessMemory
ReadFile
GetTickCount
LoadLibraryA
LoadLibraryW
GetCommandLineW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFileAttributesW
GetComputerNameW
SetLastError
CreateThread
lstrcmpiW
GetExitCodeProcess
SetHandleInformation
CreatePipe
PeekNamedPipe
CreateProcessW
OpenProcess
ReleaseMutex
CreateMutexA
CreateMutexW
OpenMutexW
CopyFileW
GlobalMemoryStatusEx
GlobalAlloc
GlobalLock
GlobalUnlock
GetTickCount64
lstrcpynW
GetStdHandle
lstrlenW
GetFileSize
lstrcpynA
lstrcpyA
MulDiv
lstrlenA
GetProfileIntA
ReleaseSemaphore
CreateSemaphoreW
GlobalFree
GetModuleHandleA
lstrcpyW
LocalAlloc
LocalFree
GetPrivateProfileStringW
WritePrivateProfileStringW
CompareStringW
OutputDebugStringA
GetSystemTimeAsFileTime
SetFilePointer
FindClose
RemoveDirectoryW
SetFileAttributesW
FindFirstFileW
FindNextFileW
TerminateThread
SuspendThread
ExitProcess
DuplicateHandle
GetSystemInfo
FormatMessageA
GetCurrentThread
ResetEvent
WaitForMultipleObjects
SetEndOfFile
SetFileTime
SystemTimeToFileTime
TlsAlloc
TlsSetValue
TlsFree
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
GetDiskFreeSpaceExW
IsBadReadPtr
IsBadWritePtr
GetModuleHandleExA
AssignProcessToJobObject
GetLongPathNameW
FileTimeToSystemTime
UnmapViewOfFile
GetCurrentDirectoryW
GetFileAttributesExW
MoveFileExW
ReplaceFileW
TryEnterCriticalSection
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetUserDefaultLangID
IsDebuggerPresent
GetNativeSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
RegisterWaitForSingleObject
UnregisterWaitEx
FlushFileBuffers
SetFilePointerEx
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleHandleExW
TlsGetValue
lstrcatW
lstrcmpW
RtlVirtualUnwind
GetFileType
GlobalMemoryStatus
FlushConsoleInputBuffer
LocalFileTimeToFileTime
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
VirtualProtect
InterlockedFlushSList
QueryDepthSList
RtlUnwindEx
ExitThread
SetConsoleCtrlHandler
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
WriteConsoleW
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
SetStdHandle
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
user32
GetSysColor
SetRectEmpty
FillRect
SubtractRect
GetWindowRgn
IsWindowEnabled
GetLastActivePopup
FrameRect
GetMessagePos
GetCapture
SetCursorPos
PeekMessageW
FindWindowExW
MessageBoxW
WaitMessage
CallMsgFilterW
GetQueueStatus
MsgWaitForMultipleObjectsEx
wsprintfW
GetProcessWindowStation
GetUserObjectInformationW
WindowFromDC
GetIconInfo
DrawIconEx
InvalidateRgn
AdjustWindowRectEx
TrackMouseEvent
GetMessageExtraInfo
ReplyMessage
EndDialog
DialogBoxParamW
CharNextW
SetCaretPos
MonitorFromWindow
GetWindow
GetParent
GetWindowLongW
IntersectRect
CopyRect
MapWindowPoints
GetCursorPos
GetWindowRect
GetClientRect
SetActiveWindow
UpdateWindow
KillTimer
SetTimer
GetActiveWindow
SetFocus
IsIconic
PostQuitMessage
LoadCursorW
SetWindowLongPtrW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
IsRectEmpty
GetDesktopWindow
GetWindowThreadProcessId
SetForegroundWindow
GetForegroundWindow
EnableWindow
BringWindowToTop
IsWindowVisible
SetWindowPos
ShowWindow
DestroyWindow
IsWindow
AttachThreadInput
FindWindowW
SendMessageTimeoutW
UnregisterClassW
ShowCaret
HideCaret
CreateCaret
EnableScrollBar
ShowScrollBar
SetScrollRange
SetScrollPos
ScrollWindowEx
GetFocus
GetDlgItem
GetDoubleClickTime
GetWindowDC
UpdateLayeredWindow
MoveWindow
GetGUIThreadInfo
MonitorFromRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
ReleaseDC
GetDC
DrawTextW
GetAsyncKeyState
DispatchMessageW
TranslateMessage
GetMessageW
InvalidateRect
ClientToScreen
SetCursor
ReleaseCapture
SetCapture
RegisterClipboardFormatW
MonitorFromPoint
LoadStringW
GetAncestor
GetClassNameW
WindowFromPoint
IsChild
EndPaint
BeginPaint
LoadImageW
DestroyIcon
GetMenuItemInfoW
SetMenuItemBitmaps
GetMenuItemCount
GetSubMenu
DestroyMenu
GetMenuStringW
LoadMenuW
RegisterWindowMessageW
SystemParametersInfoW
GetWindowLongPtrW
SetWindowLongW
InflateRect
ScreenToClient
GetWindowTextLengthW
GetSystemMetrics
GetKeyState
CallWindowProcW
DefWindowProcW
SendMessageW
SetWindowTextW
SetWindowRgn
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
PtInRect
EqualRect
OffsetRect
MessageBeep
GetWindowTextW
CreateDialogParamW
PostMessageW
RemovePropA
GetPropA
SetPropA
GetMonitorInfoW
AllowSetForegroundWindow
gdi32
CreatePen
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SaveDC
RestoreDC
CreatePolygonRgn
EnumFontFamiliesExW
AddFontResourceExW
IntersectClipRect
GdiSetBatchLimit
GetTextMetricsW
PatBlt
GetStockObject
LineTo
RemoveFontResourceExW
CreateFontW
EnumFontFamiliesW
GetObjectType
BeginPath
EndPath
ExtTextOutW
MoveToEx
GetPath
TextOutW
GetRandomRgn
GetLayout
SetLayout
GetCurrentObject
CreateDCW
DeleteObject
PtInRegion
GetRgnBox
CreateRectRgn
CreateEllipticRgn
RectVisible
PtVisible
CreateSolidBrush
GetDeviceCaps
GetDIBits
SetTextColor
SetBkColor
GetTextExtentPoint32W
GdiAlphaBlend
StretchBlt
SetBkMode
SetViewportOrgEx
SetStretchBltMode
SelectObject
CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
CreateRoundRectRgn
CreateRectRgnIndirect
CombineRgn
CreateDIBSection
DeleteDC
CreateCompatibleDC
GetObjectW
SelectClipRgn
OffsetRgn
SetWindowOrgEx
LPtoDP
shell32
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW
DragQueryFileW
Shell_NotifyIconW
SHGetDesktopFolder
SHAppBarMessage
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
CommandLineToArgvW
SHGetFolderPathW
ole32
StringFromGUID2
CreateStreamOnHGlobal
DoDragDrop
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium
CoUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
OleDuplicateData
CoCreateGuid
CoInitializeEx
oleaut32
CreateStdDispatch
CreateDispTypeInfo
VariantCopy
VarCmp
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarBstrCmp
VariantChangeType
VarUI4FromStr
VariantClear
VariantInit
SysAllocString
SysFreeString
comdlg32
GetSaveFileNameW
ChooseColorW
GetOpenFileNameW
advapi32
RegOpenKeyExW
RegCloseKey
GetTokenInformation
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
OpenProcessToken
ReportEventW
RegisterEventSourceW
DeregisterEventSource
CreateProcessAsUserW
shlwapi
PathRenameExtensionW
PathFileExistsA
PathGetDriveNumberW
PathIsNetworkPathW
PathRemoveExtensionW
PathIsRootW
PathIsURLW
SHSetValueA
SHGetValueA
PathAddBackslashW
PathFindFileNameA
SHGetValueW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW
StrCmpIW
StrStrIW
PathCombineW
StrTrimA
StrCmpNIW
PathIsUNCW
PathIsDirectoryW
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_Draw
ImageList_Remove
ImageList_GetIconSize
msimg32
AlphaBlend
iphlpapi
GetIpForwardTable
GetIpAddrTable
GetAdaptersInfo
imm32
ImmReleaseContext
ImmGetContext
gdiplus
GdipDrawEllipseI
GdipDrawLineI
GdipReleaseDC
GdipGetDC
GdipCloneBitmapAreaI
GdipCreateAdjustableArrowCap
GdipDeleteCustomLineCap
GdipSetPenMode
GdipSetPenCustomEndCap
GdipCreateLineBrushFromRectI
GdipCreateBitmapFromHICON
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipAddPathStringI
GdipSetCompositingMode
GdipGetCompositingMode
GdipSetPenLineJoin
GdipDrawPath
GdipSetPenDashStyle
GdipGetPointCount
GdipGetPathData
GdipClosePathFigure
GdipAddPathLineI
GdipGetCompositingQuality
GdipGetTextRenderingHint
GdipGetInterpolationMode
GdipGetPageScale
GdipSetPageScale
GdipDrawImagePointRectI
GdipAddPathBezierI
GdipGetPageUnit
GdipGetDpiX
GdipGetDpiY
GdipTranslateWorldTransform
GdipFillPath
GdipImageGetFrameDimensionsList
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageRectI
GdipCloneBrush
GdipDeleteBrush
GdipCreateTexture
GdipGetImageGraphicsContext
GdipCreateBitmapFromFile
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectRect
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDrawRectangleI
GdipDrawImageRectRectI
GdipCreatePath
GdipDeletePath
GdipAddPathString
GdipGetPathWorldBounds
GdipCreateFromHDC
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipGetFontStyle
GdipGetFontSize
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCombineRegionRectI
GdipSetPenDashArray
GdipCreateRegion
GdipDeleteRegion
GdipCreateBitmapFromHBITMAP
GdipGraphicsClear
GdipSetClipRectI
GdipSetClipRegion
GdipResetClip
GdipLoadImageFromStream
GdipImageGetFrameDimensionsCount
GdipNewPrivateFontCollection
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipSaveImageToFile
GdipGetImagePixelFormat
GdipImageRotateFlip
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesWrapMode
GdipSetInterpolationMode
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipSetTextRenderingHint
GdipSetPageUnit
GdipFillPolygon
GdipGetGenericFontFamilySansSerif
GdipStringFormatGetGenericDefault
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
netapi32
Netbios
Sections
.text Size: 6.5MB - Virtual size: 6.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 403KB - Virtual size: 884KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 295KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.7MB - Virtual size: 5.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ