vlc-3[.]0[.]20-win64-901044[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

vlc-3.0.20-win64-901044.zip
Size

21.4MB
MD5

5415ec1b5a476ccc4364845874db4fca
SHA1

e05f2ae5c53dcbea9159ff6ef652bb83239afdaa
SHA256

ac8a549f14403dd92adca5438116859b1eb3a55cf69f11c8b42554d47e78b825
SHA512

87746ee140f09299a748376ace71851ce5445d4f5d0015d291e3ef88aabc0639cf69f26b507bc41b8cd2bc7e5fe7c10aa4f66c6718401ed1aaaac29e7fbd3f0a
SSDEEP

393216:cuNlQYLaWGBUbryUUTHmi6wpHcGuzXZU1nEK4mm/lmEJERAYpCuXSiqnQ1fttz+K:hNZXbmUUTHmkp8GWJMu/lmEJE3prJfLN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Start_0064.exe

Files

vlc-3.0.20-win64-901044.zip
.zip
Start_0064.exe
.exe windows:6 windows x86 arch:x86

9721f6f55ad5d02a82b16a27df00ec67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionEx
FindFirstFileW
SetFileTime
RegisterWaitForSingleObject
GetOEMCP
CloseHandle
DecodePointer
SetFileAttributesW
GlobalAlloc
GetStringTypeW
VerifyVersionInfoW
CreateTimerQueue
GetDateFormatW
GetVersionExW
RtlUnwind
FormatMessageW
CreateEventW
lstrlenA
HeapAlloc
CreateTimerQueueTimer
DuplicateHandle
IsDebuggerPresent
SetFilePointerEx
GetACP
ReleaseSemaphore
InitializeSListHead
SwitchToThread
GetNumaHighestNodeNumber
Sleep
CreateThread
LeaveCriticalSection
CompareStringW
GetModuleHandleExW
TlsFree
GlobalFree
GetFileSize
GetModuleFileNameW
EncodePointer
GetFileType
WaitForSingleObjectEx
SetEndOfFile
SetUnhandledExceptionFilter
GetFullPathNameW
GetModuleHandleA
LCMapStringW
LoadLibraryW
MoveFileW
GetStdHandle
ChangeTimerQueueTimer
GetThreadPriority
DeleteFileW
GetCurrentThread
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
FileTimeToSystemTime
InitializeCriticalSection
GetConsoleOutputCP
SetEnvironmentVariableW
GlobalLock
SystemTimeToTzSpecificLocalTime
MultiByteToWideChar
GetLogicalDriveStringsW
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
VerSetConditionMask
SetEvent
GetCommandLineA
InterlockedPopEntrySList
TlsSetValue
UnregisterWaitEx
VirtualProtect
HeapReAlloc
CompareFileTime
TlsAlloc
EnterCriticalSection
ExitThread
GetLogicalProcessorInformation
DeleteCriticalSection
EnumSystemLocalesW
TryEnterCriticalSection
GetLastError
AcquireSRWLockExclusive
FindFirstFileExW
FreeLibrary
GetCommandLineW
QueryDepthSList
MoveFileExW
FindNextFileW
GetTickCount64
GetFileAttributesExW
lstrcatA
RaiseException
SetLastError
GetTimeZoneInformation
SleepEx
WaitForSingleObject
WriteConsoleW
GetProcessAffinityMask
UnhandledExceptionFilter
GetCurrentDirectoryW
WriteFile
SetFilePointer
GetThreadTimes
WideCharToMultiByte
VirtualAlloc
SetThreadAffinityMask
GetCurrentThreadId
PeekNamedPipe
GetLocaleInfoW
FreeLibraryAndExitThread
FlushFileBuffers
GetStartupInfoW
GetUserDefaultLCID
GetFileAttributesW
IsValidCodePage
ReadConsoleW
GetConsoleMode
QueryPerformanceFrequency
InterlockedPushEntrySList
QueryPerformanceCounter
SetPriorityClass
HeapSize
ExitProcess
SetStdHandle
GetEnvironmentVariableA
RemoveDirectoryW
TerminateProcess
IsProcessorFeaturePresent
GetEnvironmentStringsW
GlobalUnlock
ReadFile
UnregisterWait
CreateDirectoryW
GetModuleHandleW
GetCPInfo
WaitForMultipleObjects
TlsGetValue
GetTimeFormatW
GetCurrentProcess
GetTickCount
FileTimeToLocalFileTime
InterlockedFlushSList
FindClose
GetProcAddress
LocalFree
GetProcessHeap
GetSystemDirectoryW
CreateSemaphoreW
VirtualFree
FreeEnvironmentStringsW
SignalObjectAndWait
GlobalMemoryStatus
GetFileSizeEx
ResetEvent
ReleaseSRWLockExclusive
GetVersion
HeapFree
LoadLibraryExW
SetThreadPriority
IsValidLocale
GetCurrentProcessId
GetSystemInfo
DeleteTimerQueueTimer

user32

GetMonitorInfoA
InvalidateRect
DialogBoxParamW
GetWindowTextW
MonitorFromWindow
SetWindowTextW
IsDlgButtonChecked
GetWindowLongW
CloseClipboard
CheckDlgButton
LoadStringW
SetDlgItemTextW
GetWindowRect
KillTimer
wsprintfA
ScreenToClient
LoadCursorW
EmptyClipboard
PostMessageW
MessageBoxA
LoadIconW
ShowWindow
SendMessageW
SetFocus
SetClipboardData
SetWindowLongW
EnableWindow
MoveWindow
MessageBoxW
GetParent
GetFocus
EndDialog
MapDialogRect
GetDlgItem
SetCursor
GetKeyState
GetWindowTextLengthW
SystemParametersInfoW
OpenClipboard
SetTimer
CharUpperW

advapi32

CryptGetHashParam
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptHashData
CloseServiceHandle
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptDestroyHash

shell32

SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SysStringLen

bcrypt

BCryptGenRandom

crypt32

CertFreeCertificateChain
CertFindExtension
CertCreateCertificateChainEngine
CertOpenStore
CertGetNameStringW
CertEnumCertificatesInStore
CryptStringToBinaryW
PFXImportCertStore
CertCloseStore
CertFreeCertificateChainEngine
CertFindCertificateInStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFreeCertificateContext
CertGetCertificateChain
CryptQueryObject

wldap32

ord73
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord117
ord26
ord27

ws2_32

recvfrom
sendto
getpeername
ioctlsocket
gethostname
getaddrinfo
freeaddrinfo
getsockopt
send
WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
socket
WSAResetEvent
WSAWaitForMultipleEvents
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
htons
setsockopt
WSACloseEvent
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
WSAIoctl

Sections

.text
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9721f6f55ad5d02a82b16a27df00ec67

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

bcrypt

crypt32

wldap32

ws2_32

Sections

.text Size: 6.6MB - Virtual size: 6.6MB

.rdata Size: 276KB - Virtual size: 275KB

.data Size: 13KB - Virtual size: 34KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 96KB - Virtual size: 95KB

.text
Size: 6.6MB - Virtual size: 6.6MB

.rdata
Size: 276KB - Virtual size: 275KB

.data
Size: 13KB - Virtual size: 34KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 96KB - Virtual size: 95KB