bb3b031e7f128e29b310496ced21c6560ee44f441567c740d64e5f622b69309b

Sharing

Copy URL Twitter E-mail

General

Target

bb3b031e7f128e29b310496ced21c6560ee44f441567c740d64e5f622b69309b
Size

27KB
MD5

7449f42ca62c9d396fcd5d276c878683
SHA1

7f9f339c1610b9ceaa37bfcfbd0260e318f4c925
SHA256

bb3b031e7f128e29b310496ced21c6560ee44f441567c740d64e5f622b69309b
SHA512

3d362b698c59fcafe2eb709ed28ac49fe32384d9475d153e1945bc454111768af7366feb6270fd9a1c87689ef4797b4446c48478e9126e658fda0983228e009b
SSDEEP

384:dVwQKu72kCP8Cw1uMtD3n6Lmm01oy1P+TWw/LYn0V8juKKQK+xZbQr5ro0ZStyx7:v7eRMtDX6LoDPZY/s5R9QuqrQIOP2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb3b031e7f128e29b310496ced21c6560ee44f441567c740d64e5f622b69309b

Files

bb3b031e7f128e29b310496ced21c6560ee44f441567c740d64e5f622b69309b
.dll windows:6 windows x86 arch:x86

b5c072e0f3566efb335d6c0aa4bdad32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\MediaPortal-1\MediaPortal-1\DirectShowFilters\MPIPTVSource\MPIPTV_RTP\bin\Release\MPIPTV_RTP.pdb

Imports

mpiptvsource.ax

?GetConfiguration@@YAPAVCParameterCollection@@PAVCLogger@@PBD11@Z
?Append@?$CCollection@VCParameter@@PAD@@QAEXPAV1@@Z
?GetValueLong@CParameterCollection@@QAEJPAD_NJ@Z
?DuplicateA@@YAPADPBD@Z
?SafeResizeBuffer@LinearBuffer@@QAE_NPAXI_NPAVCLogger@@PBD3@Z
?AddToBuffer@LinearBuffer@@QAEIPADI@Z
?DumpInputPacket@@YAHU_GUID@@IPAD@Z
?GetDataFromSocket@@YAHPAVCLogger@@PBD1IPADI@Z
?ZeroURL@@YAXPAUURL_COMPONENTSA@@@Z
?LogCollection@CParameterCollection@@QAEXPAVCLogger@@IPBD1@Z
?Log@CLogger@@QAAXIPBDZZ

mpiptv_udp

?ClearSession@CMPIPTV_UDP@@UAEHXZ
?OpenConnection@CMPIPTV_UDP@@UAEHXZ
?IsConnected@CMPIPTV_UDP@@UAEHXZ
?CloseConnection@CMPIPTV_UDP@@UAEXXZ
?GetSafeBufferSizes@CMPIPTV_UDP@@UAEXPAXPAI11@Z
?GetInstanceId@CMPIPTV_UDP@@UAE?AU_GUID@@XZ
?ReceiveData@CMPIPTV_UDP@@UAEXPA_N@Z
?FillBuffer@CMPIPTV_UDP@@UAEIPAUIMediaSample@@PADJ@Z
??4CMPIPTV_UDP@@QAEAAV0@ABV0@@Z
??1CMPIPTV_UDP@@QAE@XZ
??0CMPIPTV_UDP@@QAE@XZ
?Initialize@CMPIPTV_UDP@@UAEHPAXPAVCParameterCollection@@@Z
??0CMPIPTV_UDP@@QAE@ABV0@@Z

wininet

InternetCrackUrlA

kernel32

WaitForSingleObject
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
ReleaseMutex
GetSystemTime

ole32

CoTaskMemAlloc
CoTaskMemFree

vcruntime140

_CxxThrowException
__std_exception_destroy
__std_exception_copy
__CxxFrameHandler3
memcpy
memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-multibyte-l1-1-0

_mbsnbcat_s
_mbsnicmp

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_configure_narrow_argv
_cexit
_initterm_e
_execute_onexit_table
_seh_filter_dll
_initialize_onexit_table
_initterm

Exports

Exports

??0CMPIPTV_RTP@@QAE@ABV0@@Z
??0CMPIPTV_RTP@@QAE@XZ
??0RtpPacket@@QAE@PBDIPAV0@1@Z
??0RtpSource@@QAE@PAVCLogger@@@Z
??1CMPIPTV_RTP@@QAE@XZ
??1RtpPacket@@QAE@XZ
??1RtpSource@@QAE@XZ
??4CMPIPTV_RTP@@QAEAAV0@ABV0@@Z
??4RtpPacket@@QAEAAV0@ABV0@@Z
??4RtpSource@@QAEAAV0@ABV0@@Z
??_7CMPIPTV_RTP@@6B@
?AddPacket@RtpSource@@QAE_NPAVRtpPacket@@@Z
?ClearMarker@RtpPacket@@QAE_NXZ
?ClearSession@CMPIPTV_RTP@@UAEHXZ
?Clone@RtpPacket@@QAEPAV1@XZ
?CloseConnection@CMPIPTV_RTP@@UAEXXZ
?FillBuffer@CMPIPTV_RTP@@UAEIPAUIMediaSample@@PADJ@Z
?GetAndRemovePacketData@RtpSource@@QAEIPADIPAI1_N@Z
?GetContributingSourceIdCount@RtpPacket@@QAEIXZ
?GetData@RtpPacket@@QAEIPADI@Z
?GetDataLength@RtpPacket@@QAEIXZ
?GetExtensionHeader@RtpPacket@@QAEIXZ
?GetExtensionHeaderData@RtpPacket@@QAEIPADI@Z
?GetExtensionHeaderFullLength@RtpPacket@@QAEIXZ
?GetExtensionHeaderLength@RtpPacket@@QAEIXZ
?GetInternalRtpPacket@RtpSource@@IAEPAVRtpPacket@@H@Z
?GetInternalRtpPacket@RtpSource@@IAEPAVRtpPacket@@I@Z
?GetMarker@RtpPacket@@QAEIXZ
?GetNextPacket@RtpPacket@@QAEPAV1@XZ
?GetOpenConnectionMaximumAttempts@CMPIPTV_RTP@@UAEIXZ
?GetPacketCount@RtpSource@@QAEIXZ
?GetPacketData@RtpPacket@@QAEIPADI@Z
?GetPacketData@RtpSource@@QAEIPADIPAI1_N@Z
?GetPacketLength@RtpPacket@@QAEIXZ
?GetPadding@RtpPacket@@QAEIXZ
?GetPaddingLength@RtpPacket@@QAEIXZ
?GetPayloadType@RtpPacket@@QAEIXZ
?GetPreviousPacket@RtpPacket@@QAEPAV1@XZ
?GetProfileSpecificExtensionHeaderId@RtpPacket@@QAEIXZ
?GetProtocolName@CMPIPTV_RTP@@UAEPADXZ
?GetReceiveDataTimeout@CMPIPTV_RTP@@UAEIXZ
?GetRtpPacket@RtpSource@@QAEPAVRtpPacket@@H@Z
?GetRtpPacket@RtpSource@@QAEPAVRtpPacket@@I@Z
?GetSafeBufferSizes@CMPIPTV_RTP@@UAEXPAXPAI11@Z
?GetSequenceNumber@RtpPacket@@QAEIXZ
?GetSourceIdentifier@RtpPacket@@QAEIXZ
?GetTimestamp@RtpPacket@@QAEIXZ
?GetVersion@RtpPacket@@QAEIXZ
?Initialize@CMPIPTV_RTP@@UAEHPAXPAVCParameterCollection@@@Z
?IsConnected@CMPIPTV_RTP@@UAEHXZ
?IsExtensionHeader@RtpPacket@@QAE_NXZ
?IsMarker@RtpPacket@@QAE_NXZ
?IsPacketBetween@RtpSource@@QAE_NPAVRtpPacket@@00@Z
?IsPadding@RtpPacket@@QAE_NXZ
?IsRtpPacket@RtpPacket@@QAE_NXZ
?IsRtpPacket@RtpSource@@QAE_NPADI@Z
?IsSequenceContinuous@RtpSource@@QAE_NII@Z
?OpenConnection@CMPIPTV_RTP@@UAEHXZ
?PacketSequenceNumberDifference@RtpSource@@QAEHPAVRtpPacket@@0@Z
?ParseUrl@CMPIPTV_RTP@@UAEHPBDPBVCParameterCollection@@@Z
?ProcessPacket@RtpSource@@QAE_NPADI@Z
?ReceiveData@CMPIPTV_RTP@@UAEXPA_N@Z
?RemoveInternalRtpPacket@RtpSource@@IAE_NPAVRtpPacket@@@Z
?RemoveRtpPacket@RtpSource@@QAE_NH@Z
?RemoveRtpPacket@RtpSource@@QAE_NI@Z
?SetContributingSourceId@RtpPacket@@QAE_NPAII@Z
?SetData@RtpPacket@@QAE_NPADI@Z
?SetExtensionHeader@RtpPacket@@QAE_NIPADI@Z
?SetMarker@RtpPacket@@QAE_NXZ
?SetNextPacket@RtpPacket@@QAEXPAV1@@Z
?SetPadding@RtpPacket@@QAE_NI@Z
?SetPayloadType@RtpPacket@@QAE_NI@Z
?SetPreviousPacket@RtpPacket@@QAEXPAV1@@Z
?SetSequenceNumber@RtpPacket@@QAE_NI@Z
?SetSourceIdentifier@RtpPacket@@QAE_NI@Z
?SetTimestamp@RtpPacket@@QAE_NI@Z
?SetVersion@RtpPacket@@QAE_NI@Z
CreateProtocolInstance
DestroyProtocolInstance

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5c072e0f3566efb335d6c0aa4bdad32

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mpiptvsource.ax

mpiptv_udp

wininet

kernel32

ole32

vcruntime140

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB