1e58e0887ec8706786713a6aa754e1d0f98c35b8d051543ed5c5504383baf995

Sharing

Copy URL Twitter E-mail

General

Target

1e58e0887ec8706786713a6aa754e1d0f98c35b8d051543ed5c5504383baf995
Size

3.0MB
MD5

e431f4c21cb03e53bf30caed3c305668
SHA1

8c8d7aeec4e936d3f492c717dff82fe546892aa4
SHA256

1e58e0887ec8706786713a6aa754e1d0f98c35b8d051543ed5c5504383baf995
SHA512

26b595b1965fc46f6456581d8dabc9bcb0cbf8f37c865eeb0a9e89214f385e089e50a819891cf5444e1f2129e062291bc36407b839f1d7d368d16fb6b57d8aff
SSDEEP

49152:KjKxL7dENDI80n5hq55fuj1jJWnqn0QjG8/zdC6SO0dwefCULHHi:NdqNDI832ZJnjbMHC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e58e0887ec8706786713a6aa754e1d0f98c35b8d051543ed5c5504383baf995

Files

1e58e0887ec8706786713a6aa754e1d0f98c35b8d051543ed5c5504383baf995
.dll windows:6 windows x86 arch:x86

1d51989c9db80ff776d563c02b753e4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\avbuild\avbuild\build_sdk-vc-x86-clvs2022\libavfilter\avfilter-8.pdb

Imports

swscale-6

sws_freeContext
sws_get_class
sws_getColorspaceDetails
sws_setColorspaceDetails
sws_scale_frame
sws_init_context
sws_alloc_context
sws_isSupportedEndiannessConversion
sws_isSupportedOutput
sws_isSupportedInput
sws_getCoefficients
sws_scale
sws_getContext

avformat-59

avformat_open_input
avformat_find_stream_info
av_read_frame
avformat_close_input
av_find_best_stream
av_seek_frame
avformat_match_stream_specifier
avio_write
avio_open
avio_get_str
avio_rl32
avio_read
avio_size
av_find_input_format
avio_seek
avio_closep

avcodec-59

avpriv_elbg_do
avpriv_elbg_free
av_rdft_end
av_dct_end
av_dct_calc
av_dct_init
avcodec_flush_buffers
avcodec_receive_frame
avcodec_send_packet
avcodec_open2
avcodec_parameters_to_context
avcodec_free_context
avcodec_alloc_context3
av_packet_unref
av_rdft_calc
av_rdft_init
av_fft_end
av_fft_calc
av_fft_permute
avcodec_find_decoder
av_fft_init

swresample-4

swr_alloc
swr_set_matrix
swr_set_channel_mapping
swr_get_delay
swr_next_pts
swr_convert
swr_free
swr_alloc_set_opts2
swr_init
swr_get_class

avutil-57

av_audio_fifo_alloc
av_audio_fifo_write
av_audio_fifo_peek
av_audio_fifo_drain
av_audio_fifo_size
av_fast_malloc
av_rescale_q
av_lfg_init
av_get_random_seed
av_malloc_array
av_fast_realloc
av_get_bytes_per_sample
av_samples_set_silence
av_samples_alloc_array_and_samples
av_tx_init
av_tx_uninit
av_cpu_max_align
av_frame_clone
avpriv_cga_font
av_get_channel_layout
av_channel_layout_from_mask
av_channel_layout_from_string
av_get_sample_fmt
av_samples_copy
av_audio_fifo_read
av_fifo_alloc2
av_fifo_write
av_fifo_read
av_fifo_freep2
av_bprint_init
av_bprintf
av_channel_layout_index_from_channel
av_channel_layout_subset
av_get_sample_fmt_name
av_sample_fmt_is_planar
av_malloc
av_mallocz
av_strtod
av_get_packed_sample_fmt
av_parse_color
av_channel_layout_check
av_channel_layout_compare
av_opt_set_int
av_opt_get_int
av_opt_get_sample_fmt
av_opt_get_chlayout
av_adler32_update
av_realloc_array
av_dict_set
av_channel_layout_channel_from_index
av_channel_name
av_channel_from_string
av_channel_layout_extract_channel
av_frame_alloc
av_frame_get_buffer
av_expr_parse_and_eval
av_channel_layout_index_from_string
av_buffer_ref
av_frame_get_plane_buffer
av_opt_free
av_frame_get_side_data
av_calloc
av_get_channel_layout_nb_channels
av_buffer_allocz
av_frame_make_writable
av_mul_q
av_div_q
av_get_pix_fmt_name
av_gettime_relative
avpriv_vga16_font
av_parse_video_rate
av_strlcatf
av_buffer_unref
av_get_media_type_string
av_strerror
av_memdup
av_dict_get
av_dict_free
av_opt_set_defaults
av_opt_set_dict
av_opt_set_dict2
av_opt_get_key_value
av_opt_find
av_opt_find2
av_opt_next
av_opt_set
avpriv_float_dsp_alloc
av_find_best_pix_fmt_of_2
av_image_check_size2
av_get_planar_sample_fmt
av_frame_ref
av_frame_move_ref
av_d2q
avpriv_report_missing_feature
av_opt_set_from_string
av_realloc
av_image_get_linesize
av_image_fill_linesizes
av_image_copy_plane
av_get_token
av_csp_luma_coeffs_from_avcsp
av_dict_set_int
av_gettime
av_usleep
av_opt_set_sample_fmt
av_opt_set_chlayout
av_audio_fifo_peek_at
av_vlog
av_parse_time
av_pix_fmt_count_planes
av_get_picture_type_char
av_strlcpy
av_bprint_chars
av_file_map
av_file_unmap
av_get_extended_channel_layout
av_get_pix_fmt
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_pool_get
avpriv_set_systematic_pal2
av_samples_get_buffer_size
av_image_fill_plane_sizes
av_gcd_q
av_bprint_init_for_buffer
av_image_alloc
av_image_copy
avpriv_slicethread_create
av_sscanf
avpriv_slicethread_free
av_hwframe_ctx_alloc
av_hwframe_ctx_init
av_hwframe_get_buffer
av_fifo_can_read
av_add_q
av_sub_q
av_rescale_rnd
av_rescale_q_rnd
av_buffer_alloc
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_reduce
av_parse_ratio
av_frame_unref
av_get_padded_bits_per_pixel
av_csp_primaries_desc_from_id
av_color_range_name
av_color_primaries_name
av_color_transfer_name
av_color_space_name
av_image_fill_max_pixsteps
av_log_get_level
av_bprint_clear
av_bprint_finalize
av_pixelutils_get_sad_fn
av_strlcat
av_detection_bbox_create_side_data
av_get_bits_per_pixel
av_pix_fmt_desc_next
av_pix_fmt_desc_get_id
av_stereo3d_create_side_data
av_gcd
av_expr_count_func
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_hwdevice_find_type_by_name
av_hwdevice_ctx_create_derived
av_hwframe_map
av_hwframe_ctx_create_derived
av_hwdevice_get_hwframe_constraints
av_hwframe_constraints_free
av_hwdevice_ctx_create
av_strcasecmp
av_compare_ts
av_dynarray2_add
av_read_image_line2
av_write_image_line2
av_video_enc_params_create_side_data
av_expr_count_vars
av_opt_eval_flags
av_parse_video_size
av_display_rotation_get
av_spherical_tile_bounds
av_stereo3d_type_name
av_timecode_make_smpte_tc_string2
av_timecode_make_mpeg_tc_string
av_image_check_size
av_get_cpu_flags
av_asprintf
av_frame_copy
av_frame_is_writable
av_frame_copy_props
av_frame_free
av_rescale
av_audio_fifo_free
av_log
av_dynarray_add_nofree
av_strdup
av_freep
av_free
av_realloc_f
av_expr_free
av_expr_eval
av_expr_parse
av_channel_layout_describe
av_channel_layout_copy
av_channel_layout_uninit
av_channel_layout_default
av_strtok
av_default_item_name
av_pix_fmt_desc_get
av_frame_remove_side_data
avpriv_slicethread_execute

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW

ole32

StringFromGUID2

kernel32

LeaveCriticalSection
EnterCriticalSection
VirtualQuery
InterlockedFlushSList
IsDebuggerPresent
InitializeSListHead
GetModuleFileNameW
GetLastError
GetFileAttributesW
Sleep
FindFirstFileW
FindClose
MultiByteToWideChar
GetFullPathNameW
InitOnceComplete
InitOnceBeginInitialize
FreeLibrary
GetModuleHandleExW
ExitProcess
DecodePointer
FindNextFileW
SetErrorMode
GetProcAddress
LoadLibraryExW
GetCurrentThreadId
GetModuleHandleW
SwitchToThread
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime

msvcrt

log10
__CxxFrameHandler3
pow
acos
asin
atan
___lc_codepage_func
_isatty
fflush
_fileno
_wcstoui64
_strtoui64
_CIlog10
_clearfp
tan
memcpy
memmove
memset
strchr
strstr
strrchr
wcschr
wcsrchr
wcsstr
_CxxThrowException
_except_handler4_common
_amsg_exit
log
_CIfmod
strncmp
abort
_CIcosh
_CIatan2
strtol
ceil
fclose
fgetc
floor
_CItanh
_CIsinh
bsearch
modf
ldexp
qsort
strcspn
strspn
_errno
free
_wsopen
_sopen
feof
fgets
fseek
wcscpy_s
wcscspn
fgetws
_wfopen_s
wcstoul
wcscat_s
_initterm
_initterm_e
_callnewh
malloc
_fdopen
strcpy_s
sqrt
_hypot
__pctype_func
tolower
___mb_cur_max_func
wcsnlen
strnlen
_mbtowc_l
wctomb_s
iswctype
isspace
calloc
getc
ungetc
_CIsqrt
_copysign
_CIlog
_strtoi64
_iob
_lock
_unlock
__CppXcptFilter
__getmainargs
?terminate@@YAXXZ
sin
cos
exp

Exports

Exports

av_abuffersink_params_alloc
av_buffersink_get_ch_layout
av_buffersink_get_channel_layout
av_buffersink_get_channels
av_buffersink_get_format
av_buffersink_get_frame
av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_get_h
av_buffersink_get_hw_frames_ctx
av_buffersink_get_sample_aspect_ratio
av_buffersink_get_sample_rate
av_buffersink_get_samples
av_buffersink_get_time_base
av_buffersink_get_type
av_buffersink_get_w
av_buffersink_params_alloc
av_buffersink_set_frame_size
av_buffersrc_add_frame
av_buffersrc_add_frame_flags
av_buffersrc_close
av_buffersrc_get_nb_failed_requests
av_buffersrc_parameters_alloc
av_buffersrc_parameters_set
av_buffersrc_write_frame
av_filter_ffversion
av_filter_iterate
av_fopen_utf8
avfilter_config_links
avfilter_configuration
avfilter_filter_pad_count
avfilter_free
avfilter_get_by_name
avfilter_get_class
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_get_filter
avfilter_graph_parse
avfilter_graph_parse2
avfilter_graph_parse_ptr
avfilter_graph_queue_command
avfilter_graph_request_oldest
avfilter_graph_send_command
avfilter_graph_set_auto_convert
avfilter_init_dict
avfilter_init_str
avfilter_inout_alloc
avfilter_inout_free
avfilter_insert_filter
avfilter_license
avfilter_link
avfilter_link_free
avfilter_pad_count
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_process_command
avfilter_version

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 724KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d51989c9db80ff776d563c02b753e4c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

swscale-6

avformat-59

avcodec-59

swresample-4

avutil-57

advapi32

ole32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 724KB - Virtual size: 724KB

.data Size: 1024B - Virtual size: 17KB

_RDATA Size: 512B - Virtual size: 304B

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 84KB - Virtual size: 83KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 724KB - Virtual size: 724KB

.data
Size: 1024B - Virtual size: 17KB

_RDATA
Size: 512B - Virtual size: 304B

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 84KB - Virtual size: 83KB