avifil32[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

avifil32.dll
Size

93KB
MD5

af5991813865f242a2bb3a43c8f0d509
SHA1

b8cfb46323526c541b13efe5cf1c7547b85da6a2
SHA256

c81c89be3b8fcff5cb76b96d481ac3208fda37cfe4a4693d43cfed25db4bf5b5
SHA512

089ae4b5abf0fe46fefabac2f26ffdb92d144e25141d854adf6b25d53cde1e3c0aa6e758da4fe14ec742d04512158b6e52ca0187e815df2270ef01550bd4bb6a
SSDEEP

1536:w1vuz7VyovaxIMbL65/SH/4ZSj2NwEgPXjgmLoSHsAVqDh01V6zgG:wU8rxIMidyQcj2NSPNjWDh0b6zgG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
avifil32.dll

Files

avifil32.dll
.dll windows:10 windows x86 arch:x86

f2314692d73d6a7fb58709ef095af4bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

avifil32.pdb

Imports

msvcrt

mbstowcs
memcpy
memcmp
memmove
_except_handler4_common
_initterm
_amsg_exit
_XcptFilter
free
_callnewh
malloc
_purecall
atoi
_vsnwprintf
_ftol2_sse
memset

msvfw32

ICOpen
ICLocate
ICGetInfo
ICCompressorFree
ICClose
ICCompressorChoose
ICDecompress
ICCompress
ICGetDisplayFormat
ICSendMessage

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalSize
GlobalHandle
GlobalReAlloc
GlobalLock

api-ms-win-core-string-obsolete-l1-1-0

lstrlenW
lstrlenA
lstrcmpW

api-ms-win-core-heap-l2-1-0

LocalFree
GlobalFree
LocalAlloc
GlobalAlloc

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
LoadStringW

api-ms-win-core-com-l1-1-0

CoGetMarshalSizeMax
CoGetMalloc
CoCreateInstance
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetErrorMode
GetLastError

api-ms-win-core-string-l2-1-0

CharPrevW

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegQueryValueExA

api-ms-win-core-registry-l2-1-0

RegOpenKeyW
RegOpenKeyA
RegQueryValueW
RegEnumKeyW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
ResetEvent
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
CreateEventW

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetCurrentThreadId

api-ms-win-core-file-l1-1-0

CreateFileW
WriteFile
GetFullPathNameW
GetFileSize
ReadFile
GetDiskFreeSpaceW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-io-l1-1-0

GetOverlappedResult

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

gdi32

CreatePalette
CreateHalftonePalette

msacm32

acmStreamPrepareHeader
acmStreamClose
acmFormatSuggest
acmStreamOpen
acmStreamConvert
acmFormatDetailsW
acmFormatChooseW
acmFormatTagDetailsW
acmGetVersion
acmStreamSize
acmMetrics
acmStreamUnprepareHeader

ole32

OleInitialize
OleSetClipboard
OleUninitialize
ReleaseStgMedium
OleGetClipboard
OleFlushClipboard

user32

MessageBeep
EndDialog
SendDlgItemMessageW
SendMessageW
MessageBoxW
ReleaseDC
TranslateMessage
PeekMessageW
DispatchMessageW
GetDC
DestroyWindow
IsDlgButtonChecked
SetRect
SetRectEmpty
IsRectEmpty
GetDlgItemInt
GetDlgItem
CheckDlgButton
SetDlgItemInt
DialogBoxParamW
SetDlgItemTextW
EnableWindow

winmm

mmioWrite
mmioSeek
mmioOpenW
mmioClose
mmioRead

Exports

Exports

AVIBuildFilter
AVIBuildFilterA
AVIBuildFilterW
AVIClearClipboard
AVIFileAddRef
AVIFileCreateStream
AVIFileCreateStreamA
AVIFileCreateStreamW
AVIFileEndRecord
AVIFileExit
AVIFileGetStream
AVIFileInfo
AVIFileInfoA
AVIFileInfoW
AVIFileInit
AVIFileOpen
AVIFileOpenA
AVIFileOpenW
AVIFileReadData
AVIFileRelease
AVIFileWriteData
AVIGetFromClipboard
AVIMakeCompressedStream
AVIMakeFileFromStreams
AVIMakeStreamFromClipboard
AVIPutFileOnClipboard
AVISave
AVISaveA
AVISaveOptions
AVISaveOptionsFree
AVISaveV
AVISaveVA
AVISaveVW
AVISaveW
AVIStreamAddRef
AVIStreamBeginStreaming
AVIStreamCreate
AVIStreamEndStreaming
AVIStreamFindSample
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamInfo
AVIStreamInfoA
AVIStreamInfoW
AVIStreamLength
AVIStreamOpenFromFile
AVIStreamOpenFromFileA
AVIStreamOpenFromFileW
AVIStreamRead
AVIStreamReadData
AVIStreamReadFormat
AVIStreamRelease
AVIStreamSampleToTime
AVIStreamSetFormat
AVIStreamStart
AVIStreamTimeToSample
AVIStreamWrite
AVIStreamWriteData
CreateEditableStream
DllCanUnloadNow
DllGetClassObject
EditStreamClone
EditStreamCopy
EditStreamCut
EditStreamPaste
EditStreamSetInfo
EditStreamSetInfoA
EditStreamSetInfoW
EditStreamSetName
EditStreamSetNameA
EditStreamSetNameW
IID_IAVIEditStream
IID_IAVIFile
IID_IAVIStream
IID_IGetFrame

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2314692d73d6a7fb58709ef095af4bd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

msvfw32

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-largeinteger-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-string-l2-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-registry-l2-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-io-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

gdi32

msacm32

ole32

user32

winmm

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.data Size: 512B - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 82KB - Virtual size: 81KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB