69faebf3f92625180578f7a937cf93405d213228dd4db2cce49bdbd607b80ac8

Sharing

Copy URL Twitter E-mail

General

Target

69faebf3f92625180578f7a937cf93405d213228dd4db2cce49bdbd607b80ac8
Size

2.8MB
MD5

010221c213f01b7ceab3f39f9f53816c
SHA1

1122e0c4281473e97b94997a61d653e933500293
SHA256

69faebf3f92625180578f7a937cf93405d213228dd4db2cce49bdbd607b80ac8
SHA512

dc50f527ea1519486e8288fb04b807be394c665bd10dbd1fc07fbc405f9b4955072b207137e27f2c52ab48269c68a600f8182442446f229ebae3becf7a722722
SSDEEP

49152:mVQi5o5Au9UT5zU5cN5SFdmRGKR2tRx7e+1cJuND/jEV02S:OQi5Zu9+zU5cTSFdmRGKEzx7e+cJudjZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69faebf3f92625180578f7a937cf93405d213228dd4db2cce49bdbd607b80ac8

Files

69faebf3f92625180578f7a937cf93405d213228dd4db2cce49bdbd607b80ac8
.dll regsvr32 windows:6 windows x86 arch:x86

241f7d354c93460bd5e5f025af764c2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\work\VideoActiveX\VideoActiveX\Release\VideoActiveX.pdb

Imports

kernel32

LCMapStringEx
CompareStringEx
WriteConsoleW
WaitForSingleObjectEx
OutputDebugStringW
SetFilePointerEx
GetTimeZoneInformation
GetStringTypeW
HeapQueryInformation
HeapSize
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
QueryPerformanceCounter
InitOnceExecuteOnce
GetStartupInfoW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ReadConsoleW
IsValidCodePage
GetConsoleCP
GetStdHandle
GetFileType
SetStdHandle
HeapValidate
ExitThread
VirtualQuery
SetThreadStackGuarantee
RtlUnwind
GetCommandLineA
GetLogicalDrives
AreFileApisANSI
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
IsDebuggerPresent
GetSystemTimeAsFileTime
CreateMutexW
ReleaseMutex
HeapFree
GetProcessHeap
HeapAlloc
CreateFileW
IsProcessorFeaturePresent
GetSystemInfo
VirtualAlloc
VirtualFree
InitializeCriticalSectionEx
RaiseException
SetEnvironmentVariableA
GetConsoleMode
SetLastError
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
Sleep
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
InitializeCriticalSection
MultiByteToWideChar
WaitForSingleObject
LoadLibraryA
GetProcAddress
CreateDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GetExitCodeThread
TerminateThread
GetFileAttributesW
OutputDebugStringA
GetLastError
CreateThread
GetVersion
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThreadId
FreeLibrary
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GlobalSize
GlobalFree
LocalFree
MulDiv
FormatMessageA
CopyFileA
GetCurrentProcessId
GetModuleFileNameA
InterlockedExchange
GetCurrentThread
GetVersionExA
lstrcmpA
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
ApplicationRecoveryInProgress
ApplicationRecoveryFinished
GetThreadPreferredUILanguages
GetLocaleInfoEx
InterlockedDecrement
InterlockedIncrement
CloseHandle
SetThreadPriority
ResumeThread
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
IsDBCSLeadByte
GetUserDefaultLCID
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
VerSetConditionMask
lstrcpyA
VerifyVersionInfoA
GlobalFlags
GetOEMCP
GetCPInfo
FileTimeToSystemTime
GetACP
GetCurrentDirectoryA
DeleteFileA
CreateFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
FileTimeToLocalFileTime
FindResourceExW
GetUserDefaultUILanguage
GetTempPathA
GetTempFileNameA
GetWindowsDirectoryA
SearchPathA
GetTickCount
GetProfileIntA
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
VirtualProtect

user32

DrawIconEx
DrawFocusRect
DrawFrameControl
GetTabbedTextExtentW
DestroyIcon
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
GetSystemMenu
LoadMenuW
KillTimer
SetTimer
GetAsyncKeyState
CharUpperA
IsZoomed
IsIconic
TrackMouseEvent
GetDialogBaseUnits
CopyImage
GetMenuItemInfoA
RealChildWindowFromPoint
EnumDisplayMonitors
SystemParametersInfoA
LoadCursorW
GetSysColorBrush
SetLayeredWindowAttributes
UnregisterClassA
EnumChildWindows
LockWindowUpdate
RegisterClipboardFormatA
SetRect
SetRectEmpty
IsRectEmpty
IntersectRect
SetWindowRgn
GetKeyboardLayout
CreateMenu
OffsetRect
InflateRect
DrawEdge
ShowOwnedPopups
TranslateMessage
PostQuitMessage
GetCursorPos
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
GetActiveWindow
GetNextDlgTabItem
EndDialog
WaitMessage
GetNextDlgGroupItem
GetIconInfo
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
CreateDialogIndirectParamA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
CopyIcon
SetMenuItemInfoA
HideCaret
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
BringWindowToTop
SetClassLongA
ChangeWindowMessageFilter
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageW
LoadImageA
CharUpperBuffA
ModifyMenuA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
DestroyMenu
ReuseDDElParam
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetWindowTextLengthA
AdjustWindowRectEx
MessageBoxA
ScreenToClient
MapWindowPoints
GetSysColor
EqualRect
PtInRect
RegisterWindowMessageA
GetWindowLongA
SetWindowLongA
GetClassLongA
GetTopWindow
GetLastActivePopup
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMenuStringA
FrameRect
GetMonitorInfoA
ShowWindow
InvertRect
GetDCEx
GetDoubleClickTime
IsCharLowerA
CheckDlgButton
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
DestroyCursor
MapDialogRect
GetComboBoxInfo
GetWindowRgn
EnableWindow
SendMessageA
SetParent
GetWindowRect
GetParent
GetDesktopWindow
GetSystemMetrics
MoveWindow
SetCapture
LoadCursorA
SetCursor
ReleaseCapture
IsWindowVisible
GetDC
GetMessageA
PostThreadMessageA
DrawStateA
UpdateWindow
InvalidateRect
GetClientRect
FillRect
GetClassNameA
LoadBitmapW
IsWindow
GetKeyNameTextA
MapVirtualKeyA
ReleaseDC
CopyRect
GetMenuCheckMarkDimensions
DrawIcon

gdi32

GetTextFaceA
SetPixelV
GetWindowOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
RoundRect
UnrealizeObject
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
Rectangle
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
Polyline
Polygon
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
EnumFontFamiliesExA
GetTextAlign
CreateDIBSection
CreateCompatibleBitmap
CreateRoundRectRgn
GetTextExtentPoint32A
DPtoLP
SetRectRgn
GetTextMetricsA
GetTextCharsetInfo
EnumFontFamiliesA
CreateFontIndirectA
CreateDIBitmap
OffsetRgn
GetViewportOrgEx
CombineRgn
LPtoDP
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
GetObjectA
GetStockObject
DeleteObject
CreateSolidBrush

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExW
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegCloseKey

shell32

SHAppBarMessage
SHBrowseForFolderA
SHGetPathFromIDListA
SHCreateItemFromParsingName
SHGetKnownFolderPath
ExtractIconA
DragFinish
DragQueryFileA
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoA

comctl32

ImageList_GetImageCount

shlwapi

PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathIsDirectoryA
PathRemoveFileSpecW

uxtheme

DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeParentBackground
IsAppThemed

dwmapi

DwmIsCompositionEnabled
DwmSetWindowAttribute
DwmDefWindowProc

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleLockRunning
CoInitializeEx
DoDragDrop
CreateILockBytesOnHGlobal
OleLoadFromStream
StgCreateDocfileOnILockBytes
ReadClassStm
CreateDataAdviseHolder
OleSaveToStream
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoDisconnectObject
CreateDataCache
CoInitialize
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

SystemTimeToVariantTime
OleCreatePropertyFrame
SysStringLen
RegisterTypeLi
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
OleLoadPicture
SysAllocStringLen
LoadRegTypeLi
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
SysAllocString
OleCreateFontIndirect
OleCreatePictureIndirect

gdiplus

GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageI
GdipGetImagePixelFormat
GdipBitmapUnlockBits

d3d9

Direct3DCreate9

dll_decode

new_decoder
delete_decoder

winmm

waveInStart
waveInStop
waveInClose
waveInUnprepareHeader
waveOutOpen
waveOutClose
waveOutUnprepareHeader
waveInOpen
waveOutPrepareHeader
waveInAddBuffer
waveInPrepareHeader
waveOutWrite
PlaySoundA

ws2_32

inet_addr
ioctlsocket
htons
send
closesocket
recv
connect
select
WSAGetLastError
ntohl
ntohs
__WSAFDIsSet
htonl
socket
setsockopt

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 13.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

241f7d354c93460bd5e5f025af764c2c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

dwmapi

ole32

oleaut32

gdiplus

d3d9

dll_decode

winmm

ws2_32

oleacc

imm32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 435KB - Virtual size: 434KB

.data Size: 62KB - Virtual size: 13.3MB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 481KB - Virtual size: 481KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 435KB - Virtual size: 434KB

.data
Size: 62KB - Virtual size: 13.3MB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 481KB - Virtual size: 481KB