67f3c2235d4d8b3827df4a1c428c4857e3adc70d73f2b9a85d13fd5a78f85857

Sharing

Copy URL

Twitter E-mail

General

Target

67f3c2235d4d8b3827df4a1c428c4857e3adc70d73f2b9a85d13fd5a78f85857
Size

956KB
MD5

cdfbab4da483151a0629e1ec17234bb1
SHA1

e2cd38423e4e6e283f023156e7d3fbc1325909f6
SHA256

67f3c2235d4d8b3827df4a1c428c4857e3adc70d73f2b9a85d13fd5a78f85857
SHA512

245ad6abd9e68ec5ce2f5e8571555c1290861e14ee3dca1916fb0e10cb762b8d26c1caf548dbf0c7b16f8abac174f75c7e426d1ebe7f7fc2ae247e5f4768dfba
SSDEEP

24576:XJS57CAhXiTQ6B5ZGZow6Ips4AD4i+sPM:ZSFLX658Zo6ps4jTsPM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67f3c2235d4d8b3827df4a1c428c4857e3adc70d73f2b9a85d13fd5a78f85857

Files

67f3c2235d4d8b3827df4a1c428c4857e3adc70d73f2b9a85d13fd5a78f85857
.dll windows:6 windows x64 arch:x64

9e46fde7448cf6447207858ce6028589

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\workspace\Build\msvc\x64\__bin\Release\mfx_loader_dll_hw64_full.pdb

Imports

cfgmgr32

CM_Open_DevNode_Key
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW

kernel32

InitializeCriticalSectionEx
DeleteCriticalSection
SetThreadErrorMode
RaiseException
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
WriteConsoleW
CreateFileW
CloseHandle
ReadConsoleW
ReadFile
DecodePointer
GetLastError
FreeLibrary
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
LocalFree
EncodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsDebuggerPresent
OutputDebugStringW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
ExitProcess
GetModuleFileNameW
GetCurrentThread
HeapFree
HeapReAlloc
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetStdHandle
GetFileType
SetConsoleCtrlHandler
GetTimeZoneInformation
HeapSize
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
RtlUnwind

user32

UnregisterClassW

ole32

StringFromGUID2

advapi32

RegCloseKey
RegQueryValueExW

Exports

Exports

MFXCloneSession
MFXClose
MFXDisjoinSession
MFXDoWork
MFXGetPriority
MFXInit
MFXInitEx
MFXJoinSession
MFXQueryIMPL
MFXQueryVersion
MFXSetPriority
MFXVideoCORE_GetHandle
MFXVideoCORE_QueryPlatform
MFXVideoCORE_SetBufferAllocator
MFXVideoCORE_SetFrameAllocator
MFXVideoCORE_SetHandle
MFXVideoCORE_SyncOperation
MFXVideoDECODE_Close
MFXVideoDECODE_DecodeFrameAsync
MFXVideoDECODE_DecodeHeader
MFXVideoDECODE_GetDecodeStat
MFXVideoDECODE_GetPayload
MFXVideoDECODE_GetVideoParam
MFXVideoDECODE_Init
MFXVideoDECODE_Query
MFXVideoDECODE_QueryIOSurf
MFXVideoDECODE_Reset
MFXVideoDECODE_SetSkipMode
MFXVideoENCODE_Close
MFXVideoENCODE_EncodeFrameAsync
MFXVideoENCODE_GetEncodeStat
MFXVideoENCODE_GetVideoParam
MFXVideoENCODE_Init
MFXVideoENCODE_Query
MFXVideoENCODE_QueryIOSurf
MFXVideoENCODE_Reset
MFXVideoENC_Close
MFXVideoENC_GetVideoParam
MFXVideoENC_Init
MFXVideoENC_ProcessFrameAsync
MFXVideoENC_Query
MFXVideoENC_QueryIOSurf
MFXVideoENC_Reset
MFXVideoPAK_Close
MFXVideoPAK_GetVideoParam
MFXVideoPAK_Init
MFXVideoPAK_ProcessFrameAsync
MFXVideoPAK_Query
MFXVideoPAK_QueryIOSurf
MFXVideoPAK_Reset
MFXVideoUSER_GetPlugin
MFXVideoUSER_ProcessFrameAsync
MFXVideoUSER_Register
MFXVideoUSER_Unregister
MFXVideoVPP_Close
MFXVideoVPP_GetVPPStat
MFXVideoVPP_GetVideoParam
MFXVideoVPP_Init
MFXVideoVPP_Query
MFXVideoVPP_QueryIOSurf
MFXVideoVPP_Reset
MFXVideoVPP_RunFrameVPPAsync
MFXVideoVPP_RunFrameVPPAsyncEx

Sections

.text
Size: 664KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e46fde7448cf6447207858ce6028589

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cfgmgr32

kernel32

user32

ole32

advapi32

Exports

Exports

Sections

.text Size: 664KB - Virtual size: 663KB

.rdata Size: 172KB - Virtual size: 171KB

.data Size: 8KB - Virtual size: 16KB

.pdata Size: 35KB - Virtual size: 35KB

_RDATA Size: 512B - Virtual size: 256B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 664KB - Virtual size: 663KB

.rdata
Size: 172KB - Virtual size: 171KB

.data
Size: 8KB - Virtual size: 16KB

.pdata
Size: 35KB - Virtual size: 35KB

_RDATA
Size: 512B - Virtual size: 256B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB