infected[.]zip

Resubmissions

20-03-2024 13:26

240320-qpv4asac21 10

19-03-2024 15:20

240319-sq7vlafb95 10

Sharing

Copy URL

Twitter E-mail

General

Target

infected.zip
Size

1.8MB
MD5

2afe086468b3a01449d10c35229c8c7c
SHA1

22fc9267defb93870b0690daf91d8bc27fdd39b1
SHA256

27c1008f283ea779e96e487038c4f0a34c355439cb97790998df4a178baaa433
SHA512

dc0e01c6fbcce34a1411f0b87e4c6acb07520736228fef8e010aad3622fe1793245b0b0feb6bbdd648933a493e18eb2414d256e9671616f031b0444bdefe9167
SSDEEP

49152:GRKMZDtDF3n4CyAuP7N8frrf5uK4lGzdvS/2itK:G5tuCZi7FK4lGz5S+itK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/libvlc.dll

Files

infected.zip
.zip
libvlc.dll
.dll windows:6 windows x64 arch:x64

e85d11f9b6f7257b78bf2a8cc87cc50c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
RtlUnwindEx
SetFilePointer
GetACP
LocalFree
CloseHandle
SuspendThread
TlsAlloc
GetTickCount
QueryPerformanceFrequency
IsDebuggerPresent
GetFullPathNameW
VirtualFree
HeapAlloc
GetStartupInfoW
ExitProcess
InitializeCriticalSection
GetCPInfoExW
GetThreadPriority
GetCurrentProcess
SetThreadPriority
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
ResumeThread
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
HeapCreate
HeapDestroy
ReadFile
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
SetLastError
GetModuleFileNameW
GetLastError
lstrlenW
QueryPerformanceCounter
SetEndOfFile
CompareStringW
CreateThread
HeapFree
WideCharToMultiByte
MultiByteToWideChar
FindClose
LoadLibraryW
LoadLibraryA
ResetEvent
SetEvent
CreateFileW
GetLocaleInfoW
GetVersion
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetLocalTime
WaitForSingleObject
GetCurrentThread
WriteFile
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
VirtualQueryEx
GetThreadLocale
Sleep
SetThreadLocale

user32

CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
CharLowerBuffW
LoadStringW
CharUpperW
PeekMessageW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
libvlc_add_intf
libvlc_audio_equalizer_get_amp_at_index
libvlc_audio_equalizer_get_band_count
libvlc_audio_equalizer_get_band_frequency
libvlc_audio_equalizer_get_preamp
libvlc_audio_equalizer_get_preset_count
libvlc_audio_equalizer_get_preset_name
libvlc_audio_equalizer_new
libvlc_audio_equalizer_new_from_preset
libvlc_audio_equalizer_release
libvlc_audio_equalizer_set_amp_at_index
libvlc_audio_equalizer_set_preamp
libvlc_audio_filter_list_get
libvlc_audio_get_channel
libvlc_audio_get_delay
libvlc_audio_get_mute
libvlc_audio_get_track
libvlc_audio_get_track_count
libvlc_audio_get_track_description
libvlc_audio_get_volume
libvlc_audio_output_device_count
libvlc_audio_output_device_enum
libvlc_audio_output_device_get
libvlc_audio_output_device_id
libvlc_audio_output_device_list_get
libvlc_audio_output_device_list_release
libvlc_audio_output_device_longname
libvlc_audio_output_device_set
libvlc_audio_output_get_device_type
libvlc_audio_output_list_get
libvlc_audio_output_list_release
libvlc_audio_output_set
libvlc_audio_output_set_device_type
libvlc_audio_set_callbacks
libvlc_audio_set_channel
libvlc_audio_set_delay
libvlc_audio_set_format
libvlc_audio_set_format_callbacks
libvlc_audio_set_mute
libvlc_audio_set_track
libvlc_audio_set_volume
libvlc_audio_set_volume_callback
libvlc_audio_toggle_mute
libvlc_chapter_descriptions_release
libvlc_clearerr
libvlc_clock
libvlc_dialog_dismiss
libvlc_dialog_get_context
libvlc_dialog_post_action
libvlc_dialog_post_login
libvlc_dialog_set_callbacks
libvlc_dialog_set_context
libvlc_errmsg
libvlc_event_attach
libvlc_event_detach
libvlc_event_type_name
libvlc_free
libvlc_get_changeset
libvlc_get_compiler
libvlc_get_fullscreen
libvlc_get_input_thread
libvlc_get_log_verbosity
libvlc_get_version
libvlc_log_clear
libvlc_log_close
libvlc_log_count
libvlc_log_get_context
libvlc_log_get_iterator
libvlc_log_get_object
libvlc_log_iterator_free
libvlc_log_iterator_has_next
libvlc_log_iterator_next
libvlc_log_open
libvlc_log_set
libvlc_log_set_file
libvlc_log_unset
libvlc_media_add_option
libvlc_media_add_option_flag
libvlc_media_discoverer_event_manager
libvlc_media_discoverer_is_running
libvlc_media_discoverer_list_get
libvlc_media_discoverer_list_release
libvlc_media_discoverer_localized_name
libvlc_media_discoverer_media_list
libvlc_media_discoverer_new
libvlc_media_discoverer_new_from_name
libvlc_media_discoverer_release
libvlc_media_discoverer_start
libvlc_media_discoverer_stop
libvlc_media_duplicate
libvlc_media_event_manager
libvlc_media_get_codec_description
libvlc_media_get_duration
libvlc_media_get_meta
libvlc_media_get_mrl
libvlc_media_get_parsed_status
libvlc_media_get_state
libvlc_media_get_stats
libvlc_media_get_tracks_info
libvlc_media_get_type
libvlc_media_get_user_data
libvlc_media_is_parsed
libvlc_media_library_load
libvlc_media_library_media_list
libvlc_media_library_new
libvlc_media_library_release
libvlc_media_library_retain
libvlc_media_list_add_file_content
libvlc_media_list_add_media
libvlc_media_list_count
libvlc_media_list_event_manager
libvlc_media_list_index_of_item
libvlc_media_list_insert_media
libvlc_media_list_is_readonly
libvlc_media_list_item_at_index
libvlc_media_list_lock
libvlc_media_list_media
libvlc_media_list_new
libvlc_media_list_player_event_manager
libvlc_media_list_player_get_media_player
libvlc_media_list_player_get_state
libvlc_media_list_player_is_playing
libvlc_media_list_player_new
libvlc_media_list_player_next
libvlc_media_list_player_pause
libvlc_media_list_player_play
libvlc_media_list_player_play_item
libvlc_media_list_player_play_item_at_index
libvlc_media_list_player_previous
libvlc_media_list_player_release
libvlc_media_list_player_retain
libvlc_media_list_player_set_media_list
libvlc_media_list_player_set_media_player
libvlc_media_list_player_set_pause
libvlc_media_list_player_set_playback_mode
libvlc_media_list_player_stop
libvlc_media_list_release
libvlc_media_list_remove_index
libvlc_media_list_retain
libvlc_media_list_set_media
libvlc_media_list_unlock
libvlc_media_new_as_node
libvlc_media_new_callbacks
libvlc_media_new_fd
libvlc_media_new_from_input_item
libvlc_media_new_location
libvlc_media_new_path
libvlc_media_parse
libvlc_media_parse_async
libvlc_media_parse_stop
libvlc_media_parse_with_options
libvlc_media_player_add_slave
libvlc_media_player_can_pause
libvlc_media_player_event_manager
libvlc_media_player_get_agl
libvlc_media_player_get_chapter
libvlc_media_player_get_chapter_count
libvlc_media_player_get_chapter_count_for_title
libvlc_media_player_get_fps
libvlc_media_player_get_full_chapter_descriptions
libvlc_media_player_get_full_title_descriptions
libvlc_media_player_get_hwnd
libvlc_media_player_get_length
libvlc_media_player_get_media
libvlc_media_player_get_nsobject
libvlc_media_player_get_position
libvlc_media_player_get_rate
libvlc_media_player_get_role
libvlc_media_player_get_state
libvlc_media_player_get_time
libvlc_media_player_get_title
libvlc_media_player_get_title_count
libvlc_media_player_get_xwindow
libvlc_media_player_has_vout
libvlc_media_player_is_playing
libvlc_media_player_is_seekable
libvlc_media_player_navigate
libvlc_media_player_new
libvlc_media_player_new_from_media
libvlc_media_player_next_chapter
libvlc_media_player_next_frame
libvlc_media_player_pause
libvlc_media_player_play
libvlc_media_player_previous_chapter
libvlc_media_player_program_scrambled
libvlc_media_player_release
libvlc_media_player_retain
libvlc_media_player_set_agl
libvlc_media_player_set_android_context
libvlc_media_player_set_chapter
libvlc_media_player_set_equalizer
libvlc_media_player_set_hwnd
libvlc_media_player_set_media
libvlc_media_player_set_nsobject
libvlc_media_player_set_pause
libvlc_media_player_set_position
libvlc_media_player_set_rate
libvlc_media_player_set_renderer
libvlc_media_player_set_role
libvlc_media_player_set_time
libvlc_media_player_set_title
libvlc_media_player_set_video_title_display
libvlc_media_player_set_xwindow
libvlc_media_player_stop
libvlc_media_player_will_play
libvlc_media_release
libvlc_media_retain
libvlc_media_save_meta
libvlc_media_set_meta
libvlc_media_set_state
libvlc_media_set_user_data
libvlc_media_slaves_add
libvlc_media_slaves_clear
libvlc_media_slaves_get
libvlc_media_slaves_release
libvlc_media_subitems
libvlc_media_tracks_get
libvlc_media_tracks_release
libvlc_module_description_list_release
libvlc_new
libvlc_playlist_play
libvlc_printerr
libvlc_release
libvlc_renderer_discoverer_event_manager
libvlc_renderer_discoverer_list_get
libvlc_renderer_discoverer_list_release
libvlc_renderer_discoverer_new
libvlc_renderer_discoverer_release
libvlc_renderer_discoverer_start
libvlc_renderer_discoverer_stop
libvlc_renderer_item_flags
libvlc_renderer_item_hold
libvlc_renderer_item_icon_uri
libvlc_renderer_item_name
libvlc_renderer_item_release
libvlc_renderer_item_type
libvlc_retain
libvlc_set_app_id
libvlc_set_exit_handler
libvlc_set_fullscreen
libvlc_set_log_verbosity
libvlc_set_user_agent
libvlc_title_descriptions_release
libvlc_toggle_fullscreen
libvlc_toggle_teletext
libvlc_track_description_list_release
libvlc_track_description_release
libvlc_video_filter_list_get
libvlc_video_get_adjust_float
libvlc_video_get_adjust_int
libvlc_video_get_aspect_ratio
libvlc_video_get_chapter_description
libvlc_video_get_crop_geometry
libvlc_video_get_cursor
libvlc_video_get_height
libvlc_video_get_logo_int
libvlc_video_get_marquee_int
libvlc_video_get_marquee_string
libvlc_video_get_scale
libvlc_video_get_size
libvlc_video_get_spu
libvlc_video_get_spu_count
libvlc_video_get_spu_delay
libvlc_video_get_spu_description
libvlc_video_get_teletext
libvlc_video_get_title_description
libvlc_video_get_track
libvlc_video_get_track_count
libvlc_video_get_track_description
libvlc_video_get_width
libvlc_video_new_viewpoint
libvlc_video_set_adjust_float
libvlc_video_set_adjust_int
libvlc_video_set_aspect_ratio
libvlc_video_set_callbacks
libvlc_video_set_crop_geometry
libvlc_video_set_deinterlace
libvlc_video_set_format
libvlc_video_set_format_callbacks
libvlc_video_set_key_input
libvlc_video_set_logo_int
libvlc_video_set_logo_string
libvlc_video_set_marquee_int
libvlc_video_set_marquee_string
libvlc_video_set_mouse_input
libvlc_video_set_scale
libvlc_video_set_spu
libvlc_video_set_spu_delay
libvlc_video_set_subtitle_file
libvlc_video_set_teletext
libvlc_video_set_track
libvlc_video_take_snapshot
libvlc_video_update_viewpoint
libvlc_vlm_add_broadcast
libvlc_vlm_add_input
libvlc_vlm_add_vod
libvlc_vlm_change_media
libvlc_vlm_del_media
libvlc_vlm_get_event_manager
libvlc_vlm_get_media_instance_length
libvlc_vlm_get_media_instance_position
libvlc_vlm_get_media_instance_rate
libvlc_vlm_get_media_instance_time
libvlc_vlm_pause_media
libvlc_vlm_play_media
libvlc_vlm_release
libvlc_vlm_seek_media
libvlc_vlm_set_enabled
libvlc_vlm_set_input
libvlc_vlm_set_loop
libvlc_vlm_set_mux
libvlc_vlm_set_output
libvlc_vlm_show_media
libvlc_vlm_stop_media
libvlc_vprinterr
libvlc_wait

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 658B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sqlite3.dll
vlc.exe
.exe windows:4 windows x64 arch:x64

8e8dd7ad3d2126158cbcb6c64d7f49db

Code Sign

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-12-2020 00:00

Not After

18-12-2023 23:59

Subject

CN=VideoLAN,O=VideoLAN,L=Paris,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-12-2020 00:00

Not After

18-12-2023 23:59

Subject

CN=VideoLAN,O=VideoLAN,L=Paris,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b2:12:af:71:19:74:d9:24:df:c0:42:a1:a9:a3:58:fe:65:28:83:33:ca:ea:ee:a3:f2:28:c4:95:49:53:c5:b9
Signer

Actual PE Digest

b2:12:af:71:19:74:d9:24:df:c0:42:a1:a9:a3:58:fe:65:28:83:33:ca:ea:ee:a3:f2:28:c4:95:49:53:c5:b9

Digest Algorithm

sha256

PE Digest Matches

true

a2:35:87:c5:76:f5:ce:86:59:52:98:11:08:75:7f:4b:e5:f8:08:6e
Signer

Actual PE Digest

a2:35:87:c5:76:f5:ce:86:59:52:98:11:08:75:7f:4b:e5:f8:08:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

Imports

libvlc

libvlc_add_intf
libvlc_new
libvlc_playlist_play
libvlc_release
libvlc_set_app_id
libvlc_set_user_agent
libvlc_wait

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW

kernel32

CloseHandle
CreateDirectoryW
CreateFileW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessId
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadContext
GetTickCount
HeapSetInformation
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryW
LocalFree
MultiByteToWideChar
OpenThread
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetErrorMode
SetEvent
SetLastError
SetNamedPipeHandleState
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteFile

msvcrt

__C_specific_handler
___lc_codepage_func
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_exit
_fileno
_fmode
_fstat64
fwprintf
_initterm
_lock
_lseeki64
_onexit
_setmode
_strnicmp
_unlock
abort
calloc
exit
fclose
fflush
fopen
fprintf
fputc
fputs
fputwc
free
fwprintf
fwrite
getenv
isspace
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
raise
rand
realloc
setlocale
setvbuf
signal
sprintf
strcmp
strcoll
strerror
strftime
strlen
strncmp
strtoul
strxfrm
towlower
towupper
vfprintf
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsncmp
wcstol
wcsxfrm
_snwprintf
_write
_read
_putenv
_open
_fileno
_fdopen
_close

shell32

CommandLineToArgvW
SHGetFolderPathW

user32

MessageBoxW

wininet

HttpAddRequestHeadersW
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetCrackUrlW
InternetOpenW
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionW

Exports

Exports

WinMain

Sections

.text
Size: 682KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

e85d11f9b6f7257b78bf2a8cc87cc50c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 126KB - Virtual size: 126KB

.bss Size: - Virtual size: 49KB

.idata Size: 4KB - Virtual size: 3KB

.didata Size: 1024B - Virtual size: 658B

.edata Size: 12KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 69B

.reloc Size: 64KB - Virtual size: 63KB

.pdata Size: 76KB - Virtual size: 76KB

.rsrc Size: 11KB - Virtual size: 11KB

8e8dd7ad3d2126158cbcb6c64d7f49db

Code Sign

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

b2:12:af:71:19:74:d9:24:df:c0:42:a1:a9:a3:58:fe:65:28:83:33:ca:ea:ee:a3:f2:28:c4:95:49:53:c5:b9Signer

a2:35:87:c5:76:f5:ce:86:59:52:98:11:08:75:7f:4b:e5:f8:08:6eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libvlc

advapi32

kernel32

msvcrt

shell32

user32

wininet

Exports

Exports

Sections

.text Size: 682KB - Virtual size: 682KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 126KB - Virtual size: 126KB

.bss
Size: - Virtual size: 49KB

.idata
Size: 4KB - Virtual size: 3KB

.didata
Size: 1024B - Virtual size: 658B

.edata
Size: 12KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 64KB - Virtual size: 63KB

.pdata
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 11KB - Virtual size: 11KB

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

b2:12:af:71:19:74:d9:24:df:c0:42:a1:a9:a3:58:fe:65:28:83:33:ca:ea:ee:a3:f2:28:c4:95:49:53:c5:b9
Signer

a2:35:87:c5:76:f5:ce:86:59:52:98:11:08:75:7f:4b:e5:f8:08:6e
Signer

.text
Size: 682KB - Virtual size: 682KB

.data
Size: 9KB - Virtual size: 8KB

.rdata
Size: 64KB - Virtual size: 64KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 42KB - Virtual size: 42KB

.xdata
Size: 57KB - Virtual size: 57KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 66B

.idata
Size: 7KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 104B

.rsrc
Size: 74KB - Virtual size: 74KB

.reloc
Size: 5KB - Virtual size: 5KB

/4
Size: 512B - Virtual size: 16B