d3470512377a28c06a7f06aa910af68f

Sharing

Copy URL Twitter E-mail

General

Target

d3470512377a28c06a7f06aa910af68f
Size

30KB
MD5

d3470512377a28c06a7f06aa910af68f
SHA1

4ab9cc9370dfc6360a05c2a26b5093d03207519b
SHA256

6d8b344df47d77840c1d37ac73513bd3f2a4ec79f88e07a38a4f5b46d58f4fb0
SHA512

81b82996bc740179ac5c2a5604ee6feb751ec9c23490ef2f0f0b1bfd1cb7df976211289a459e72b37bc8e686c217ab71765ab81849a5c47f14ad4115dcf8c2c5
SSDEEP

384:XUGol9WNS0dCt8IZJRbZmp/plohbtw5x:EGol9zCIZzkp/pKhbtOx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3470512377a28c06a7f06aa910af68f

Files

d3470512377a28c06a7f06aa910af68f
.exe windows:6 windows x86 arch:x86

dc0a3d7c57fa0bcf235d04f0aab91662

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\GitLab-Runner\builds\651dcee5\2\BC\public\linphone-sdk\build-desktop\WORK\desktop\Build\linphone\tools\RelWithDebInfo\lp-auto-answer.pdb

Imports

liblinphone

linphone_core_set_preferred_framerate
linphone_call_log_to_str
linphone_call_params_enable_video
linphone_call_params_set_audio_direction
linphone_call_params_set_video_direction
linphone_call_params_unref
linphone_factory_get
linphone_factory_get_sound_resources_dir
linphone_config_new
linphone_config_set_string
linphone_config_set_int
linphone_core_destroy
linphone_core_set_preferred_video_size_by_name
linphone_core_set_video_policy
linphone_core_set_sip_transports
linphone_core_find_payload_type
linphone_core_set_payload_type_bitrate
linphone_core_terminate_call
linphone_core_accept_call_with_params
linphone_core_new_with_config
linphone_core_set_log_level_mask
linphone_core_get_calls
linphone_core_enable_keep_alive
linphone_core_set_play_file
linphone_core_set_use_files
linphone_core_set_video_device
linphone_call_get_duration
linphone_core_enable_video_display
linphone_core_enable_video_capture
linphone_core_get_call_logs
linphone_core_enable_echo_cancellation
linphone_core_get_ms_factory
linphone_core_set_video_port_range
linphone_core_set_audio_port_range
linphone_core_set_primary_contact
linphone_core_create_call_params
linphone_core_iterate
linphone_address_as_string
linphone_address_get_port
linphone_address_get_domain
linphone_address_new

mediastreamer

ms_usleep
ms_factory_get_web_cam_manager
ms_web_cam_manager_add_cam
ms_web_cam_new
ms_mire_webcam_desc_get

ortp

payload_type_set_recv_fmtp
payload_type_set_send_fmtp
ortp_free

bctoolbox

bctbx_list_size
bctbx_free
bctbx_logv
bctbx_strdup_printf

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__p__commode
_set_fmode

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initialize_onexit_table
_crt_at_quick_exit
_register_onexit_function
_execute_onexit_table
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
exit
_exit
_controlfp_s
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
signal
terminate
_initterm_e

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetCurrentProcessId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
UnhandledExceptionFilter
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc0a3d7c57fa0bcf235d04f0aab91662

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

liblinphone

mediastreamer

ortp

bctoolbox

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 6KB - Virtual size: 5KB

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 6KB - Virtual size: 5KB

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB