c2d42582198ad974efe86f4588918e9c

Sharing

Copy URL Twitter E-mail

General

Target

c2d42582198ad974efe86f4588918e9c
Size

6.2MB
MD5

c2d42582198ad974efe86f4588918e9c
SHA1

37b640fbc3321a4c587224f166115b594c15e8ae
SHA256

f00800ffb36ca19ad2b8a4b8265642fa6c9b56f8c3c1ada62c8491b6a5455de3
SHA512

1c073bc3a0279e4d5892cc5eab65e3b28eaa5c99cd0e48bb181e6f8ef3dd0c8d9a352c01925b33e3ae69379aa0a4cf3175538956d1a2e0104ddb4b4389e1dd13
SSDEEP

196608:9XfTg0Y678Sq7DMAyE+32NEO3g2sx2CAD821wPFKVxCD5cs+lzamVqIARzAXos3P:RfsNEXBsYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2d42582198ad974efe86f4588918e9c

Files

c2d42582198ad974efe86f4588918e9c
.exe windows:4 windows x86 arch:x86

ae8ca1095594814467cc565afef0f8a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\mpc-hc\src\apps\mplayerc\release unicode\mplayerc.pdb

Imports

dsound

ord1

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ddraw

DirectDrawCreateEx

setupapi

SetupDiSetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiSetDeviceRegistryPropertyA

kernel32

UnlockFile
SetEndOfFile
GlobalGetAtomNameW
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetFileAttributesW
GetFileTime
FindResourceExW
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
ExitProcess
HeapSize
UnhandledExceptionFilter
SetStdHandle
GetFileType
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
LockFile
HeapCreate
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
GetPrivateProfileSectionW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
lstrlenW
GetUserDefaultLCID
WideCharToMultiByte
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
GetLastError
LocalFree
FormatMessageW
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
MulDiv
FlushFileBuffers
lstrcmpiW
GetStringTypeExW
LocalAlloc
GetProfileIntW
GetThreadLocale
SuspendThread
ResumeThread
lstrcmpA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetVersionExA
GlobalSize
GlobalFree
FreeResource
CreateSemaphoreA
DebugBreak
GetTempFileNameW
GetTempPathW
IsDBCSLeadByteEx
RaiseException
GetVolumeInformationW
GetCurrentThread
GetThreadPriority
SetThreadPriority
VirtualAlloc
VirtualFree
GetSystemInfo
lstrcmpW
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexA
ReleaseMutex
GetModuleHandleA
VirtualQuery
LoadLibraryA
FlushInstructionCache
InterlockedIncrement
ReleaseSemaphore
InterlockedDecrement
ResetEvent
GetTempPathA
GetTempFileNameA
DeleteFileA
CreatePipe
DuplicateHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateProcessW
TerminateProcess
GetWindowsDirectoryW
WriteFile
CreateNamedPipeW
ConnectNamedPipe
CopyFileW
GetACP
GetDateFormatW
GetTimeFormatW
GlobalAlloc
DeleteFileW
GetFileAttributesExW
CreateDirectoryW
GetFullPathNameW
QueryPerformanceFrequency
lstrlenA
GetVersionExW
QueryPerformanceCounter
ReadProcessMemory
DeviceIoControl
CreateFileA
IsDebuggerPresent
CreateMutexW
SetUnhandledExceptionFilter
WaitForMultipleObjects
WriteProcessMemory
GetCurrentDirectoryW
GlobalLock
GlobalUnlock
GetDriveTypeW
GetCurrentThreadId
OpenProcess
SetPriorityClass
GetDiskFreeSpaceExW
FindFirstFileW
FindNextFileW
FindClose
GetLocaleInfoW
GetLocaleInfoA
lstrcpyW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetSystemPowerState
GetCurrentProcess
lstrcpynW
MultiByteToWideChar
GetTickCount
Sleep
GetVersion
VirtualProtect
GetModuleFileNameW
GetUserDefaultLangID
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileW
GetFileSize
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
CreateEventW
CreateSemaphoreW
CreateThread
HeapDestroy

user32

SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
GetTopWindow
TrackPopupMenu
GetScrollPos
GetClassInfoExW
GetClassInfoW
RegisterClassW
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
GetMenuState
GetMenuStringW
CreateDialogIndirectParamW
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetIconInfo
wsprintfW
GetDCEx
SetWindowRgn
AdjustWindowRectEx
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetClassNameW
GetClassLongW
GetWindowRgn
GetScrollInfo
DrawTextExW
InvertRect
CharLowerBuffW
GetQueueStatus
MsgWaitForMultipleObjects
PeekMessageW
wsprintfA
GetMessageW
CopyIcon
GetMessageTime
EnumDisplayDevicesW
DestroyIcon
GetCapture
EqualRect
EmptyClipboard
SetClipboardData
CloseClipboard
ReleaseCapture
OpenClipboard
SetCapture
ClientToScreen
GetDlgCtrlID
TranslateMessage
DispatchMessageW
GetDlgItemTextW
CheckMenuItem
DefWindowProcW
IsIconic
ShowWindow
RegisterHotKey
CreateAcceleratorTableW
DestroyAcceleratorTable
ChangeDisplaySettingsW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
UpdateWindow
CharNextW
MessageBoxW
GetWindowModuleFileNameW
GetWindowThreadProcessId
EnumDisplayMonitors
GetKeyState
SystemParametersInfoW
CreateWindowExW
MoveWindow
SetWindowPos
SetWindowLongW
GetMonitorInfoW
FindWindowExW
IsMenu
GetWindowLongW
GetMenuItemRect
CallWindowProcW
PostQuitMessage
FindWindowW
GetMenuBarInfo
GetSystemMetrics
GetCursorPos
ExitWindowsEx
RegisterClipboardFormatW
PostThreadMessageW
GetForegroundWindow
SetForegroundWindow
WindowFromPoint
IsChild
GetDesktopWindow
GetActiveWindow
KillTimer
ReleaseDC
GetDC
SetMenu
GetMenu
LoadMenuW
RemoveMenu
ModifyMenuW
InsertMenuW
GetSubMenu
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
EnableMenuItem
DeleteMenu
PtInRect
RegisterWindowMessageW
RedrawWindow
GetFocus
FillRect
FrameRect
GetSysColorBrush
GetAsyncKeyState
SetRectEmpty
MonitorFromWindow
CopyRect
MessageBeep
GetMessagePos
LoadIconW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
TabbedTextOutW
DrawTextW
GrayStringW
GetNextDlgGroupItem
LockWindowUpdate
InvalidateRgn
CopyAcceleratorTableW
UnregisterClassW
DrawFocusRect
SetWindowContextHelpId
ShowOwnedPopups
SetParent
GetSystemMenu
WaitMessage
IsClipboardFormatAvailable
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
IntersectRect
CharUpperW
SetTimer
ScreenToClient
AppendMenuW
CreatePopupMenu
LoadBitmapW
GetDlgItem
UnionRect
SetRect
IsRectEmpty
LoadImageW
GetSysColor
SetCursor
GetParent
InvalidateRect
GetWindowRect
OffsetRect
InflateRect
PostMessageW
IsWindow
LoadCursorW
IsWindowVisible
MapWindowPoints
GetClientRect
GetWindow
SendMessageW
EnableWindow
DestroyMenu
MapDialogRect
ValidateRect
EndPaint
BeginPaint
GetWindowDC
SetActiveWindow
UnregisterClassA

gdi32

SelectClipRgn
LineTo
MoveToEx
GdiFlush
SetRectRgn
OffsetRgn
FillRgn
CreatePolygonRgn
GetPixel
PatBlt
CopyMetaFileW
GetClipBox
ExtTextOutW
GetMapMode
CreatePatternBrush
DPtoLP
SaveDC
RestoreDC
SetStretchBltMode
ExcludeClipRect
OffsetViewportOrgEx
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
Escape
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetBkColor
GetCharWidthW
StretchDIBits
EnumFontFamiliesExW
GetRgnBox
GetKerningPairsW
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
AddFontResourceW
GetTextMetricsW
SetMapMode
TranslateCharsetInfo
Rectangle
CreateSolidBrush
CreateFontW
EqualRgn
CombineRgn
GetTextColor
GetStockObject
ExtSelectClipRgn
SetPixel
CreateRectRgnIndirect
SetViewportOrgEx
SetViewportExtEx
GetDeviceCaps
CreateFontIndirectW
SetBkMode
BitBlt
CreateCompatibleBitmap
CreatePen
CreateBitmap
GetTextExtentPoint32W
GetCurrentObject
SetBkColor
SetTextColor
TextOutW
CreateRectRgn
GetRegionData
CreateDIBSection
DeleteObject
GetObjectW
StretchBlt
SetDIBColorTable
SelectObject
DeleteDC
IntersectClipRect
CreateCompatibleDC

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegCloseKey
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegFlushKey
RegCreateKeyA
RegCreateKeyW
OpenServiceW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
ControlService
DeleteService
OpenSCManagerW
CreateServiceW
CloseServiceHandle
StartServiceW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyW
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragAcceptFiles
ShellExecuteExW
ExtractIconExW
ord680
SHGetFolderPathW
DragQueryFileW

shlwapi

PathAddExtensionW
PathAddBackslashW
PathFileExistsW
PathCombineW
PathRenameExtensionW
PathRemoveExtensionW
PathFindExtensionW
PathMakePrettyW
PathRemoveFileSpecW
PathCompactPathW
PathAppendW
PathIsDirectoryW
PathRelativePathToW
PathCanonicalizeW
PathStripToRootW
PathAddBackslashA
PathRemoveFileSpecA
UrlUnescapeW
PathIsUNCW
PathStripPathW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoTaskMemFree
CoCreateInstance
CLSIDFromString
MkParseDisplayName
CreateBindCtx
CreateItemMoniker
GetRunningObjectTable
CoInitialize
CoUninitialize
OleSaveToStream
CoTaskMemAlloc
OleLoadFromStream
OleInitialize
OleUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoFreeLibrary
StringFromCLSID
CoLoadLibrary
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes

oleaut32

SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VarBstrCmp
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantChangeType
VariantClear
VariantInit
OleCreatePropertyFrame
SysFreeString

ws2_32

closesocket
recvfrom
bind
setsockopt
socket
inet_addr
htons
htonl
WSAStartup
recv
listen
WSAAsyncSelect
sendto
connect
WSASetLastError
getpeername
getsockname
select
accept
gethostbyname
inet_ntoa
ntohs
WSAGetLastError
WSACleanup
send

winmm

waveOutSetVolume
mixerSetControlDetails
timeGetDevCaps
timeBeginPeriod
timeSetEvent
timeEndPeriod
waveOutGetVolume
timeKillEvent

wininet

InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetOpenUrlW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text.un
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 228KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_l
Size: 4KB - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_i
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_a
Size: 4KB - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_a
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_f
Size: 4KB - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_l
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_p
Size: 4KB - Virtual size: 63B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_r
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 788KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.C_TEXT6
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ae8ca1095594814467cc565afef0f8a1

Headers

File Characteristics

PDB Paths

Imports

dsound

version

ddraw

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

ws2_32

winmm

wininet

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

_TEXT64 Size: 4KB - Virtual size: 1KB

.text.un Size: 12KB - Virtual size: 11KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 228KB - Virtual size: 1.4MB

.debug_l Size: 4KB - Virtual size: 582B

.debug_i Size: 4KB - Virtual size: 2KB

.debug_a Size: 4KB - Virtual size: 740B

.debug_a Size: 4KB - Virtual size: 96B

.debug_f Size: 4KB - Virtual size: 116B

.debug_l Size: 4KB - Virtual size: 1KB

.debug_p Size: 4KB - Virtual size: 63B

.debug_r Size: 4KB - Virtual size: 160B

.rsrc Size: 788KB - Virtual size: 786KB

.C_TEXT6 Size: 68KB - Virtual size: 68KB

.text
Size: 4.0MB - Virtual size: 4.0MB

_TEXT64
Size: 4KB - Virtual size: 1KB

.text.un
Size: 12KB - Virtual size: 11KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 228KB - Virtual size: 1.4MB

.debug_l
Size: 4KB - Virtual size: 582B

.debug_i
Size: 4KB - Virtual size: 2KB

.debug_a
Size: 4KB - Virtual size: 740B

.debug_a
Size: 4KB - Virtual size: 96B

.debug_f
Size: 4KB - Virtual size: 116B

.debug_l
Size: 4KB - Virtual size: 1KB

.debug_p
Size: 4KB - Virtual size: 63B

.debug_r
Size: 4KB - Virtual size: 160B

.rsrc
Size: 788KB - Virtual size: 786KB

.C_TEXT6
Size: 68KB - Virtual size: 68KB