63b6a8accaa4d39ab3c9cf2fc9f20256a8c0215d27249b01a4c9984a193d07e6

Sharing

Copy URL Twitter E-mail

General

Target

63b6a8accaa4d39ab3c9cf2fc9f20256a8c0215d27249b01a4c9984a193d07e6
Size

48KB
MD5

5fed68180cd3574c43b60b338e23a712
SHA1

8b0a80c80910114f8a7012239e4215743f246dd3
SHA256

63b6a8accaa4d39ab3c9cf2fc9f20256a8c0215d27249b01a4c9984a193d07e6
SHA512

eb50ae2dad70cbf527a3bf2b39eae34925cd3bec9e3af9f6c609ce50905788d3e2634def1d48cbe541259f836f24bf59db64346cd780a7643f0b8d1e56c0338c
SSDEEP

768:N+mdcDLoeBytoNZVdkTzYzJTLYT055mLO0ZIzJGlZe:3dBevV+3YzJ55AO0lls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b6a8accaa4d39ab3c9cf2fc9f20256a8c0215d27249b01a4c9984a193d07e6

Files

63b6a8accaa4d39ab3c9cf2fc9f20256a8c0215d27249b01a4c9984a193d07e6
.dll windows:4 windows x86 arch:x86

e0be852f0517546fc04cf5d94d6c8280

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

z:\VcObj\EdmDpPlay\DP_PlaySDK.pdb

Imports

kernel32

ResumeThread
TerminateThread
SetEvent
OutputDebugStringA
WaitForMultipleObjects
DisableThreadLibraryCalls
CreateFileA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
SetFilePointer
WriteFile
WaitForSingleObject
GetLastError
GetCurrentProcessId
VirtualQuery
GetLongPathNameA
GetModuleFileNameA
CreateEventA
MoveFileExA

user32

MessageBoxA
InvalidateRect

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?_Nomemory@std@@YAXXZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

cuplaysdk

CUPlayStreamMode
CUPlayDecodeAudio
CUPlayPlayData
CUPlayDecodeVideo
CUPlaySetVideoPara
CUPlayCloseStream
CUPlayPause
CUPlayEnableSound
CUPlayCapImageBmp
CUPlaySetWnd
CUPlayCleanBuff
CUPlayGetBufferRemainDataSize
CUPlayOpenStream
CUPlayUninit
CUPlayInit

msvcr71

?terminate@@YAXXZ
_except_handler3
__CppXcptFilter
_adjust_fdiv
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
_vsnprintf
localtime
_purecall
exit
_splitpath
??_V@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_ftime
_CxxThrowException
floor
_snprintf
_beginthreadex
_endthreadex
malloc
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
free
_initterm

Exports

Exports

CreateVideoFactory
DestroyVideoFactory

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0be852f0517546fc04cf5d94d6c8280

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp71

winmm

cuplaysdk

msvcr71

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 548B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 548B

.reloc
Size: 4KB - Virtual size: 3KB