avifil32[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

avifil32.dll
Size

114KB
MD5

6b75a74e20746768c6dfa3f409b0fa6e
SHA1

eb77e57d335574ec8692cba6b677eae74e66ce11
SHA256

21cf9ab70a2d5898eabd1690c4205b0b78f50a2288f89c05572cd3a2d2c72a09
SHA512

7d51078e2e8abfa27a7d39f54a8db14de4cccf2af00981532b669183926eb7700364056a061c52d81d4703761bfb18a3a32a75fcb562702ece7126473df55b7c
SSDEEP

3072:3HY7vnsLnx9vZpoaEZX2OIliaV5H+cAjLs5oSAQO:347vst9hPE12OIliaV5HvA3TQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
avifil32.dll

Files

avifil32.dll
.dll windows:6 windows x64 arch:x64

d6089747e3ae78414dd1c7863b9db1e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

avifil32.pdb

Imports

msvcrt

??3@YAXPEAX@Z
_purecall
_XcptFilter
??2@YAPEAX_K@Z
atoi
memmove
memcmp
memcpy
_amsg_exit
free
malloc
_initterm
__C_specific_handler
mbstowcs
_vsnwprintf
memset

user32

SetDlgItemTextW
EnableWindow
MessageBoxW
IsDlgButtonChecked
LoadStringW
CheckDlgButton
SendDlgItemMessageW
EndDialog
GetDlgItem
SetDlgItemInt
MessageBeep
DialogBoxParamW
GetDlgItemInt
DispatchMessageW
ReleaseDC
PeekMessageW
TranslateMessage
GetDC
DestroyWindow
CharPrevW
IsRectEmpty
SetRect
SetRectEmpty
SendMessageW

kernel32

ResetEvent
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
CloseHandle
CreateEventW
GetDiskFreeSpaceW
GetLastError
GetOverlappedResult
CreateFileW
ReadFile
WriteFile
GetFileSize
GetFullPathNameW
GlobalSize
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
lstrcmpW
WideCharToMultiByte
lstrlenA
GlobalLock
GlobalAlloc
MulDiv
GlobalUnlock
GlobalFree
LocalAlloc
GlobalHandle
LocalFree
GlobalReAlloc
lstrlenW
SetErrorMode
DisableThreadLibraryCalls

gdi32

CreatePalette
CreateHalftonePalette

winmm

mmioOpenW
mmioRead
mmioClose
mmioWrite
mmioSeek

advapi32

RegOpenKeyA
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCloseKey
RegQueryValueExA

ole32

CoGetMarshalSizeMax
CreateStreamOnHGlobal
CoCreateInstance
CoMarshalInterface
OleSetClipboard
OleFlushClipboard
ReleaseStgMedium
OleUninitialize
CoUnmarshalInterface
OleGetClipboard
OleInitialize
CoGetMalloc

msacm32

acmStreamConvert
acmStreamPrepareHeader
acmStreamClose
acmStreamSize
acmFormatSuggest
acmStreamUnprepareHeader
acmGetVersion
acmFormatDetailsW
acmFormatTagDetailsW
acmFormatChooseW
acmMetrics
acmStreamOpen

msvfw32

ICCompressorFree
ICCompressorChoose
ICLocate
ICClose
ICSendMessage
ICOpen
ICCompress
ICDecompress
ICGetDisplayFormat
ICGetInfo

ntdll

ord1

Exports

Exports

AVIBuildFilter
AVIBuildFilterA
AVIBuildFilterW
AVIClearClipboard
AVIFileAddRef
AVIFileCreateStream
AVIFileCreateStreamA
AVIFileCreateStreamW
AVIFileEndRecord
AVIFileExit
AVIFileGetStream
AVIFileInfo
AVIFileInfoA
AVIFileInfoW
AVIFileInit
AVIFileOpen
AVIFileOpenA
AVIFileOpenW
AVIFileReadData
AVIFileRelease
AVIFileWriteData
AVIGetFromClipboard
AVIMakeCompressedStream
AVIMakeFileFromStreams
AVIMakeStreamFromClipboard
AVIPutFileOnClipboard
AVISave
AVISaveA
AVISaveOptions
AVISaveOptionsFree
AVISaveV
AVISaveVA
AVISaveVW
AVISaveW
AVIStreamAddRef
AVIStreamBeginStreaming
AVIStreamCreate
AVIStreamEndStreaming
AVIStreamFindSample
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamInfo
AVIStreamInfoA
AVIStreamInfoW
AVIStreamLength
AVIStreamOpenFromFile
AVIStreamOpenFromFileA
AVIStreamOpenFromFileW
AVIStreamRead
AVIStreamReadData
AVIStreamReadFormat
AVIStreamRelease
AVIStreamSampleToTime
AVIStreamSetFormat
AVIStreamStart
AVIStreamTimeToSample
AVIStreamWrite
AVIStreamWriteData
CreateEditableStream
DllCanUnloadNow
DllGetClassObject
EditStreamClone
EditStreamCopy
EditStreamCut
EditStreamPaste
EditStreamSetInfo
EditStreamSetInfoA
EditStreamSetInfoW
EditStreamSetName
EditStreamSetNameA
EditStreamSetNameW
IID_IAVIEditStream
IID_IAVIFile
IID_IAVIStream
IID_IGetFrame

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6089747e3ae78414dd1c7863b9db1e2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

winmm

advapi32

ole32

msacm32

msvfw32

ntdll

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 100KB

.data Size: 1024B - Virtual size: 3KB

.pdata Size: 3KB - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 580B

.text
Size: 101KB - Virtual size: 100KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 3KB - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 580B