10ddf517651872502cbd09a8e0871c93d195f50d46850e8cada88adda060fcc0

Sharing

Copy URL Twitter E-mail

General

Target

10ddf517651872502cbd09a8e0871c93d195f50d46850e8cada88adda060fcc0
Size

9.5MB
MD5

de6d9277a8510ec09fd24be360740c6e
SHA1

26ba62bee2388d03169fda8cdfe73917dc160b93
SHA256

10ddf517651872502cbd09a8e0871c93d195f50d46850e8cada88adda060fcc0
SHA512

e702313a483744fbc5b5ed7fe2c481a0db1477cf84e8f96149d66263eff84993253cd1a4d50db71e3584346d4c8d353682e8888f4ab810cac337f7731df276bb
SSDEEP

98304:BqNu56FTIT9s2KALLjR+SFZKzm8lCkCBmfCECVCW:BD5+ITZt3jRXx8VI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10ddf517651872502cbd09a8e0871c93d195f50d46850e8cada88adda060fcc0

Files

10ddf517651872502cbd09a8e0871c93d195f50d46850e8cada88adda060fcc0
.exe windows:5 windows x64 arch:x64

679d1721e41a9a14224115fbe505c12e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\vmagent_new\bin\joblist\741153\src\c\channel_packet_lite\build_sln\MediaEditor\Release\MediaEditor.pdb

Imports

kernel32

FormatMessageA
GetCurrentThread
ResetEvent
WaitForMultipleObjects
SetEndOfFile
SetFileTime
SystemTimeToFileTime
TlsAlloc
TlsSetValue
TlsFree
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
GetDiskFreeSpaceExW
IsBadReadPtr
IsBadWritePtr
MoveFileW
DeleteFileW
WriteFile
InitializeCriticalSection
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
CreateFileW
GetSystemWindowsDirectoryW
FindResourceExW
GetSystemInfo
DuplicateHandle
ExitProcess
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
WriteConsoleW
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
SetConsoleCtrlHandler
ExitThread
RtlUnwindEx
QueryDepthSList
InterlockedFlushSList
VirtualProtect
FindResourceW
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
SuspendThread
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsProcessorFeaturePresent
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStringTypeW
GetLocaleInfoW
LCMapStringW
GetCPInfo
GetExitCodeThread
WaitForSingleObjectEx
EncodePointer
RtlPcToFileHeader
LocalFileTimeToFileTime
FlushConsoleInputBuffer
GlobalMemoryStatus
GetFileType
RtlVirtualUnwind
lstrcmpW
lstrcatW
TlsGetValue
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemDirectoryW
SetFilePointerEx
FlushFileBuffers
UnregisterWaitEx
RegisterWaitForSingleObject
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetNativeSystemInfo
IsDebuggerPresent
lstrcmpiA
GetUserDefaultLangID
TryEnterCriticalSection
ReplaceFileW
MoveFileExW
GetFileAttributesExW
GetCurrentDirectoryW
UnmapViewOfFile
GetLongPathNameW
QueryPerformanceFrequency
QueryPerformanceCounter
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
AssignProcessToJobObject
TerminateThread
FindNextFileW
FindFirstFileW
SetFileAttributesW
RemoveDirectoryW
FindClose
SetFilePointer
GetSystemTimeAsFileTime
OutputDebugStringA
CompareStringW
WritePrivateProfileStringW
GetPrivateProfileStringW
LocalFree
LocalAlloc
lstrcpyW
GetModuleHandleA
GlobalFree
CreateSemaphoreW
ReleaseSemaphore
GetProfileIntA
lstrlenA
MulDiv
lstrcpyA
lstrcpynA
GetFileSize
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
GetStdHandle
lstrcpynW
GetTickCount64
CopyFileW
OpenMutexW
CreateMutexW
CreateMutexA
ReleaseMutex
OpenProcess
CreateProcessW
PeekNamedPipe
CreatePipe
SetHandleInformation
GetExitCodeProcess
lstrcmpiW
SetLastError
CreateThread
TerminateProcess
GetComputerNameW
GetFileAttributesW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
OutputDebugStringW
GetCommandLineW
GetModuleHandleExA
LoadLibraryW
LoadLibraryA
GetTickCount
GetNumaHighestNodeNumber
ReadFile
WriteProcessMemory
SetUnhandledExceptionFilter
VirtualQuery
VirtualFree
VirtualAlloc
GetModuleFileNameW
CreateEventW
WaitForSingleObject
SetEvent
DecodePointer
GetModuleHandleW
LoadLibraryExW
CloseHandle
DeviceIoControl
SizeofResource
LoadResource
Sleep
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetCurrentProcess
GetProcAddress
FreeLibrary
LockResource
FreeResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
ResumeThread
SetThreadPriority
UnhandledExceptionFilter
GetCurrentThreadId
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
FreeLibraryAndExitThread

user32

RegisterClassExW
GetClassInfoExW
CreateWindowExW
SetFocus
GetActiveWindow
SetTimer
KillTimer
UpdateWindow
GetLastActivePopup
IsWindowEnabled
GetWindowRgn
GetClientRect
SubtractRect
FillRect
SetRectEmpty
GetSysColor
SetCaretPos
ShowCaret
HideCaret
CreateCaret
EnableScrollBar
ShowScrollBar
SetScrollRange
SetScrollPos
ScrollWindowEx
GetFocus
GetDlgItem
GetDoubleClickTime
GetWindowDC
UpdateLayeredWindow
MoveWindow
GetGUIThreadInfo
MonitorFromRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
ReleaseDC
GetDC
GetWindowRect
GetCursorPos
MapWindowPoints
CopyRect
IntersectRect
MessageBoxW
SetWindowLongPtrW
GetParent
GetWindow
LoadCursorW
MonitorFromWindow
GetMonitorInfoW
CharNextW
DialogBoxParamW
EndDialog
ReplyMessage
AllowSetForegroundWindow
SetPropA
GetPropA
RemovePropA
PostMessageW
MessageBeep
OffsetRect
EqualRect
PtInRect
IsZoomed
CreateDialogParamW
SetWindowRgn
SetWindowTextW
SendMessageW
DefWindowProcW
CallWindowProcW
GetKeyState
GetSystemMetrics
DrawTextW
GetAsyncKeyState
SetWindowPos
ShowWindow
DestroyWindow
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
InvalidateRect
ClientToScreen
SetCursor
ReleaseCapture
SetCapture
WaitMessage
EnableWindow
CallMsgFilterW
GetQueueStatus
MsgWaitForMultipleObjectsEx
wsprintfW
FrameRect
GetProcessWindowStation
GetUserObjectInformationW
WindowFromDC
GetIconInfo
GetMessagePos
GetCapture
SetCursorPos
DrawIconEx
InvalidateRgn
AdjustWindowRectEx
TrackMouseEvent
GetMessageExtraInfo
PostQuitMessage
SetActiveWindow
IsIconic
IsRectEmpty
GetDesktopWindow
GetWindowThreadProcessId
SetForegroundWindow
PeekMessageW
FindWindowExW
GetWindowTextW
GetWindowTextLengthW
ScreenToClient
InflateRect
SetWindowLongW
GetWindowLongPtrW
SystemParametersInfoW
GetForegroundWindow
AttachThreadInput
FindWindowW
SendMessageTimeoutW
UnregisterClassW
IsWindowVisible
BringWindowToTop
GetWindowLongW
RegisterWindowMessageW
LoadMenuW
GetMenuStringW
DestroyMenu
GetSubMenu
GetMenuItemCount
SetMenuItemBitmaps
GetMenuItemInfoW
DestroyIcon
LoadImageW
BeginPaint
EndPaint
IsChild
WindowFromPoint
GetClassNameW
GetAncestor
LoadStringW
MonitorFromPoint
RegisterClipboardFormatW

gdi32

IntersectClipRect
SetWindowOrgEx
LPtoDP
GetCurrentObject
TextOutW
GetPath
EndPath
BeginPath
GetObjectType
EnumFontFamiliesW
CreateFontW
RemoveFontResourceExW
AddFontResourceExW
EnumFontFamiliesExW
CreatePolygonRgn
SelectClipRgn
PtInRegion
GetRgnBox
CreateRectRgn
CreateEllipticRgn
RectVisible
PtVisible
CreateSolidBrush
GetDIBits
CreateDCW
MoveToEx
LineTo
CreatePen
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SaveDC
RestoreDC
OffsetRgn
GdiSetBatchLimit
GetTextMetricsW
PatBlt
GetStockObject
GetDeviceCaps
ExtTextOutW
SetTextColor
SetBkColor
GetTextExtentPoint32W
GdiAlphaBlend
StretchBlt
SetBkMode
SetViewportOrgEx
SetStretchBltMode
SelectObject
CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
CreateRoundRectRgn
CreateRectRgnIndirect
CombineRgn
CreateDIBSection
DeleteDC
CreateCompatibleDC
GetObjectW
DeleteObject
SetLayout
GetRandomRgn
GetLayout

shell32

SHAppBarMessage
SHFileOperationW
SHGetFolderPathW
SHGetPathFromIDListW
CommandLineToArgvW
SHBrowseForFolderW
SHGetDesktopFolder
Shell_NotifyIconW
DragQueryFileW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal
CoInitializeEx
StringFromGUID2
OleDuplicateData
DoDragDrop
RevokeDragDrop
CoUninitialize
RegisterDragDrop
ReleaseStgMedium

oleaut32

VariantChangeType
VarUI4FromStr
SysAllocStringLen
VariantInit
SysAllocString
SysFreeString
SysAllocStringByteLen
VarBstrCmp
SysStringByteLen
VariantClear
CreateDispTypeInfo
VarCmp
VariantCopy
CreateStdDispatch

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

advapi32

ReportEventW
RegOpenKeyExW
RegCloseKey
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExW
CreateProcessAsUserW
DeregisterEventSource
RegisterEventSourceW

utilsrv

mlt_audioplayer_getstatus
mlt_audioplayer_play
mlt_audioplayer_stop
mlt_audioplayer_getinfo
mltIsGifAnimation
mlt_audioplayer_init
mlt_audioplayer_exit
util_srv_uninit
black_video_detect
mltMateralConversion

libmltwrapper

MLT_ClearAll
MLT_ClipGetFrame
MLT_ClipGetFrameImage
MLT_ClipGetInfo
MLT_ClipPause
MLT_ClipPlay
MLT_ClipRelease
MLT_ClipRemoveFilter
MLT_ClipRemoveTransition
MLT_ClipSeek
MLT_ClipSetFilter
MLT_ClipSetInAndOut
MLT_ClipSetTransition
MLT_DeleteClip
MLT_EnableBlur
MLT_Environment_Set
MLT_FinalTimeLineUpdate
MLT_Init
MLT_IsExifFile
MLT_KeylightExport
MLT_LutPreviewFrame
MLT_NewClip
MLT_ReBuildClipTransition
MLT_SetEncoder
MLT_SetMode
MLT_SetProfile
MLT_Stop
MLT_TimeLineAddAudio
MLT_TimeLineChange
MLT_TimeLineExport
MLT_TimeLineGetFrame
MLT_TimeLineGetInfo
MLT_TimeLineInsertClip
MLT_TimeLinePause
MLT_TimeLinePlay
MLT_TimeLinePlaySpeed
MLT_TimeLineRemoveAudio
MLT_TimeLineRemoveClip
MLT_TimeLineSeek
MLT_TimeLineUpdateAudio
MLT_TrackAddAudio
MLT_TrackClipChangeTrack
MLT_TrackClipCopy
MLT_TrackClipGetVolume
MLT_TrackClipGetWave
MLT_TrackClipHasAudio
MLT_TrackClipMove
MLT_TrackClipSetInAndOut
MLT_TrackClipSpeed
MLT_TrackClipSplit
MLT_TrackClipVolume
MLT_TrackGetClipInfo
MLT_TrackRemoveAudio
MLT_TrackRemoveFilter
MLT_TrackSetFilter
MLT_TrackVideoSeparateAudio
MLT_TrackVolume
MLT_UnInit

wininet

InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
FtpGetFileSize
FtpCommandW
FtpOpenFileW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionA
InternetWriteFile
InternetReadFileExA
InternetErrorDlg
HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersW
HttpAddRequestHeadersA
HttpOpenRequestW
InternetOpenW
InternetQueryOptionW
InternetConnectW
InternetCrackUrlW
InternetSetOptionW
InternetCloseHandle

d3d9

Direct3DCreate9

libcurl

curl_easy_setopt
curl_easy_init
curl_global_init
curl_easy_cleanup
curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_formadd
curl_formfree
curl_global_cleanup
curl_easy_getinfo
curl_mime_init
curl_mime_free
curl_mime_addpart
curl_mime_name
curl_mime_data
curl_mime_filedata
curl_easy_reset
curl_easy_perform

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

shlwapi

PathIsDirectoryW
PathIsUNCW
PathIsNetworkPathW
PathGetDriveNumberW
PathFileExistsA
PathRenameExtensionW
PathIsRootW
PathIsURLW
SHSetValueA
SHGetValueA
PathAddBackslashW
PathFindFileNameA
SHGetValueW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathAppendW
StrCmpIW
StrStrIW
StrTrimA
StrCmpNIW
PathCombineW

comctl32

ImageList_Destroy
ImageList_GetIconSize
ImageList_Remove
InitCommonControlsEx
_TrackMouseEvent
ImageList_Create
ImageList_Add
ImageList_Draw

msimg32

AlphaBlend

iphlpapi

GetAdaptersInfo

imm32

ImmReleaseContext
ImmGetContext

gdiplus

GdipDeleteCustomLineCap
GdipSetPenDashStyle
GdipSetPenMode
GdipSetPenCustomEndCap
GdipTranslateWorldTransform
GdipCreateBitmapFromHICON
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipFillPolygon
GdipSetImageAttributesColorMatrix
GdipSetInterpolationMode
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipImageRotateFlip
GdipGetImagePixelFormat
GdipSaveImageToFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStream
GdipResetClip
GdipSetClipRegion
GdipSetClipRectI
GdipGraphicsClear
GdipCreateBitmapFromHBITMAP
GdipDeleteRegion
GdipCreateRegion
GdipSetPenDashArray
GdipCombineRegionRectI
GdipGetImageEncodersSize
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateAdjustableArrowCap
GdipDrawString
GdipGetFontSize
GdipGetFontStyle
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipGetPathWorldBounds
GdipAddPathString
GdipDeletePath
GdipCreatePath
GdipDrawImageRectRectI
GdipDrawRectangleI
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDrawImageRectRect
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateBitmapFromFile
GdipGetImageGraphicsContext
GdipCreateTexture
GdipDeleteBrush
GdipCloneBrush
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipCloneBitmapAreaI
GdipGetDC
GdipReleaseDC
GdipDrawLineI
GdipDrawEllipseI
GdipDrawImagePointRectI
GdipSetPageScale
GdipSetPageUnit
GdipGetPageScale
GdipGetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipGetCompositingQuality
GdipSetCompositingQuality
GdipGetCompositingMode
GdipSetCompositingMode
GdipGetDpiY
GdipGetDpiX
GdipGetPageUnit
GdipAddPathBezierI
GdipAddPathLineI
GdipClosePathFigure
GdipGetPathData
GdipGetPointCount
GdipCreateLineBrushFromRectI
GdipFillPath
GdipDrawPath
GdipSetPenLineJoin
GdipAddPathStringI
GdipCreateStringFormat
GdipSetStringFormatFlags
GdipGetImageEncoders

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

netapi32

Netbios

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 394KB - Virtual size: 873KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

679d1721e41a9a14224115fbe505c12e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

comdlg32

advapi32

utilsrv

libmltwrapper

wininet

d3d9

libcurl

version

winmm

shlwapi

comctl32

msimg32

iphlpapi

imm32

gdiplus

userenv

netapi32

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 394KB - Virtual size: 873KB

.pdata Size: 285KB - Virtual size: 285KB

.gfids Size: 4KB - Virtual size: 3KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 5.6MB - Virtual size: 5.6MB

.reloc Size: 70KB - Virtual size: 70KB

.text
Size: 6.2MB - Virtual size: 6.2MB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 394KB - Virtual size: 873KB

.pdata
Size: 285KB - Virtual size: 285KB

.gfids
Size: 4KB - Virtual size: 3KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 5.6MB - Virtual size: 5.6MB

.reloc
Size: 70KB - Virtual size: 70KB