mlt_register
Static task
static1
Behavioral task
behavioral1
Sample
e07d15df23677f59c16fafbafd9dae2699bc1b0fb09ea1f366ed1898f7bd199a.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
e07d15df23677f59c16fafbafd9dae2699bc1b0fb09ea1f366ed1898f7bd199a.dll
Resource
win10v2004-20240426-en
General
-
Target
e07d15df23677f59c16fafbafd9dae2699bc1b0fb09ea1f366ed1898f7bd199a
-
Size
444KB
-
MD5
4a6b209638da9ab9d05ce42819ae84e9
-
SHA1
bcdfb9219f6d269efc2cb086c4563aa4e32c5323
-
SHA256
e07d15df23677f59c16fafbafd9dae2699bc1b0fb09ea1f366ed1898f7bd199a
-
SHA512
126448b96402772c5a75e1b9d07f4419266af034ac1fdba5cf20c104c7643cc175a1ba041c9d0108c3cf5908b9a093fd8e85a7e5a62bb45613e5b506614a8d29
-
SSDEEP
6144:1aIxe7IpSEWfpa4dzXkfWedQZh2SCVH1+aRkYBXu3tzwy9AanonoSeMsLgc:1Rs7IpAfoqzkfhCZESCXbBc4oC5c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
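Checks for a missing Authenticode signature; the resource listed below is unsigned. On its own this is a weak indicator: it means the file's publisher and integrity cannot be verified from a signature, not that the file is malicious.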
resource e07d15df23677f59c16fafbafd9dae2699bc1b0fb09ea1f366ed1898f7bd199a
Files
-
e07d15df23677f59c16fafbafd9dae2699bc1b0fb09ea1f366ed1898f7bd199a.dll windows:6 windows x64 arch:x64
3e07b0212685d4e47bc45aa72d88bd49
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
ammlcore
mlt_frame_properties
mlt_events_listen
mlt_frame_pop_audio
mlt_properties_get_name
mlt_properties_count
mlt_frame_pop_service
mlt_events_unblock
mlt_events_block
mlt_properties_pass_property
mlt_frame_init
mlt_properties_get_int
mlt_producer_prepare_next
mlt_producer_new
mlt_producer_seek
mlt_service_get_frame
mlt_producer_get_out
mlt_audio_channel_layout_channels
mlt_audio_channel_layout_id
mlt_audio_channel_layout_default
mlt_audio_channel_layout_name
mlt_repository_register_metadata
mlt_properties_parse_yaml
mlt_service_cache_set_size
mlt_environment
mlt_global_properties
mlt_properties_close
mlt_properties_load
mlt_properties_set_double
mlt_factory_register_for_clean_up
mlt_properties_new
mlt_log_get_level
mlt_properties_set_data
mlt_properties_set_int64
mlt_pool_alloc
mlt_consumer_stop
mlt_deque_pop_front
mlt_events_register
mlt_event_unblock
mlt_deque_count
mlt_consumer_rt_frame
mlt_deque_close
mlt_consumer_stopped
mlt_deque_init
mlt_properties_serialise_yaml
mlt_properties_get_value
mlt_consumer_new
mlt_audio_format_size
mlt_pool_release
mlt_image_format_planes
win32_fopen
mlt_events_fire
mlt_audio_calculate_frame_samples
mlt_consumer_close
mlt_properties_get_double
mlt_properties_pass
mlt_deque_push_back
mlt_frame_get_alpha_mask
mlt_image_format_id
gettimeofday
mlt_frame_close
mlt_event_block
nanosleep
mlt_deque_pop_back
mlt_image_format_size
mlt_frame_set_alpha
mlt_frame_get_original_producer
mlt_image_format_name
mlt_filter_new
mlt_frame_get_alpha
mlt_frame_set_image
mlt_properties_clear
mlt_frame_push_get_image
mlt_filter_close
mlt_service_close
mlt_filter_get_position
mlt_service_lock
mlt_frame_original_position
mlt_profile_fps
mlt_profile_scale_width
mlt_service_unlock
mlt_frame_push_audio
mlt_frame_push_service
mlt_frame_get_position
mlt_audio_calculate_samples_to_position
mlt_frame_set_audio
mlt_audio_copy
mlt_audio_get_planes
mlt_audio_format_name
mlt_audio_alloc_data
mlt_audio_silence
mlt_audio_get_values
mlt_frame_is_test_audio
mlt_audio_shrink
mlt_audio_set_values
mlt_factory_filter
mlt_frame_set_position
mlt_pool_realloc
mlt_properties_set_string
mlt_profile_dar
mlt_cache_close
mlt_service_cache_get
mlt_producer_frame
mlt_cache_item_close
mlt_slices_run_normal
mlt_cache_set_size
mlt_properties_set_position
mlt_cache_init
mlt_producer_init
mlt_producer_get_speed
mlt_frame_clone
mlt_producer_position
mlt_properties_get_position
mlt_service_cache_put
mlt_cache_item_data
mlt_cache_get_frame
mlt_producer_get_fps
mlt_service_cache_purge
mlt_cache_put_frame
mlt_consumer_is_stopped
mlt_profile_init
mlt_profile_close
mlt_tokeniser_init
mlt_tokeniser_get_string
mlt_consumer_put_frame
mlt_properties_pass_list
mlt_service_attach
mlt_consumer_start
mlt_profile_clone
mlt_tokeniser_parse_new
mlt_factory_consumer
mlt_tokeniser_count
mlt_consumer_purge
mlt_properties_inherit
mlt_tokeniser_close
mlt_filter_init
mlt_frame_get_waveform
mlt_filter_get_length2
mlt_filter_get_progress
mlt_properties_anim_get_double
mlt_slices_count_normal
mlt_frame_get_aspect_ratio
mlt_profile_sar
mlt_transition_process
mlt_transition_close
mlt_factory_transition
mlt_frame_pop_service_int
mlt_frame_is_test_card
mlt_frame_push_service_int
mlt_properties_debug
mlt_filter_process
mlt_properties_set_or_default
mlt_filter_get_out
mlt_filter_get_in
mlt_deque_pop_back_double
mlt_frame_set_aspect_ratio
mlt_deque_push_back_double
mlt_properties_inc_ref
mlt_service_apply_filters
mlt_properties_get_color
mlt_consumer_connect
mlt_profile_from_producer
fnmatch
mlt_producer_attach
mlt_playlist_blank
mlt_playlist_remove
mlt_producer_set_in_and_out
mlt_playlist_blank_time
mlt_properties_parse
mlt_tractor_field
mlt_producer_cut_parent
mlt_producer_optimise
mlt_tractor_new
mlt_field_plant_filter
mlt_playlist_close
mlt_playlist_split
mlt_producer_get_playtime
mlt_producer_is_cut
mlt_playlist_append
mlt_playlist_count
mlt_playlist_join
mlt_playlist_mix
mlt_tractor_multitrack
mlt_playlist_new
mlt_playlist_move
mlt_multitrack_connect
mlt_field_properties
mlt_playlist_get_clip_info
mlt_playlist_repeat_clip
mlt_field_plant_transition
mlt_producer_get_in
mlt_repository_metadata
mlt_audio_reverse
mlt_factory_repository
mlt_producer_get_length
mlt_frame_replace_image
mlt_luma_map_render
mlt_transition_init
mlt_geometry_init
mlt_geometry_fetch
mlt_transition_get_progress_delta
mlt_frame_push_frame
mlt_geometry_insert
mlt_profile_lumas_dir
mlt_frame_pop_frame
mlt_transition_get_in
mlt_transition_get_length
mlt_luma_map_from_yuv422
mlt_geometry_refresh
mlt_luma_map_from_pgm
mlt_geometry_interpolate
mlt_geometry_close
mlt_luma_map_new
mlt_geometry_parse_item
mlt_geometry_get_length
mlt_geometry_parse
mlt_transition_get_position
mlt_transition_get_progress
mlt_transition_new
mlt_sdl_mutex
setenv
mlt_consumer_get_frame
mlt_consumer_init
mlt_deque_peek_back
mlt_properties_set_int
mlt_service_profile
mlt_properties_set
mlt_properties_get_data
mlt_factory_producer
mlt_properties_get
mlt_producer_close
mlt_producer_set_speed
mlt_frame_get_image
mlt_frame_get_audio
mlt_properties_get_int64
mlt_repository_register
pthreadvc3
pthread_cond_timedwait
pthread_mutexattr_settype
pthread_cond_init
pthread_cond_broadcast
pthread_cond_wait
pthread_create
pthread_cond_destroy
pthread_join
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_destroy
pthread_mutex_unlock
pthread_mutexattr_init
sdl2
SDL_InitSubSystem
SDL_AudioInit
SDL_GetNumAudioDrivers
SDL_GetError
SDL_OpenAudioDevice
SDL_GetAudioDriver
SDL_DestroyTexture
SDL_RenderCopy
SDL_RenderClear
SDL_PauseAudioDevice
SDL_UpdateTexture
SDL_DestroyRenderer
SDL_Init
SDL_DestroyWindow
SDL_Quit
SDL_QuitSubSystem
SDL_ShowCursor
SDL_CreateTexture
SDL_SetRenderDrawColor
SDL_WasInit
SDL_UpdateYUVTexture
SDL_GetCurrentAudioDriver
SDL_CreateRenderer
SDL_RenderPresent
SDL_MixAudio
SDL_CreateWindow
avformat-gp-58
av_demuxer_iterate
av_find_input_format
av_guess_format
av_iformat_next
av_interleaved_write_frame
av_oformat_next
av_read_frame
av_register_all
av_seek_frame
av_stream_get_side_data
av_write_trailer
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_find_stream_info
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_write_header
avio_alloc_context
avio_close
avio_open
avutil-gp-56
av_buffer_ref
av_buffer_unref
av_d2q
av_dict_free
av_dict_get
av_dict_set
av_display_rotation_get
av_div_q
av_frame_alloc
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_move_ref
av_frame_set_color_range
av_frame_set_colorspace
av_frame_unref
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_string
av_get_default_channel_layout
av_get_pix_fmt
av_get_pix_fmt_name
av_get_sample_fmt
av_get_sample_fmt_name
av_hwdevice_ctx_create
av_hwframe_transfer_data
av_image_alloc
av_image_fill_arrays
av_image_get_buffer_size
av_int_list_length_for_size
av_log_set_level
av_malloc
av_mallocz
av_mallocz_array
av_mul_q
av_opt_find
av_opt_next
av_opt_set
av_opt_set_bin
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_pix_fmt_desc_get
av_realloc
av_rescale_q
av_sample_fmt_is_planar
av_samples_get_buffer_size
av_spherical_projection_name
av_strdup
av_strerror
swresample-gp-3
swr_alloc
swr_convert
swr_free
swr_init
swr_set_matrix
avcodec-gp-58
av_codec_is_encoder
av_codec_iterate
av_codec_next
av_free_packet
av_init_packet
av_lockmgr_register
av_packet_clone
av_packet_free
av_packet_ref
av_packet_unref
avcodec_alloc_context3
avcodec_close
avcodec_descriptor_get
avcodec_fill_audio_frame
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_context_defaults3
avcodec_get_hw_config
avcodec_open2
avcodec_receive_frame
avcodec_receive_packet
avcodec_send_frame
avcodec_send_packet
avpicture_fill
swscale-gp-5
sws_alloc_context
sws_freeContext
sws_getCoefficients
sws_getContext
sws_init_context
sws_scale
sws_setColorspaceDetails
avfilter-gp-7
av_buffersink_get_frame
av_buffersink_get_frame_flags
av_buffersink_get_hw_frames_ctx
av_buffersrc_add_frame
avfilter_get_by_name
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_free
avfilter_init_str
avfilter_link
avfilter_next
avfilter_pad_count
avfilter_pad_get_type
avfilter_register_all
kernel32
WriteConsoleW
CreateFileW
HeapSize
FlushFileBuffers
GetStringTypeW
GetFileSizeEx
GetCurrentDirectoryW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
WideCharToMultiByte
HeapReAlloc
DeleteFileW
MultiByteToWideChar
GetConsoleCP
WriteFile
SetStdHandle
CloseHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
GetStdHandle
HeapAlloc
HeapFree
GetFullPathNameW
GetDriveTypeW
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
ReadFile
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
GetLastError
InterlockedFlushSList
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Exports
Exports
Sections
.text Size: 323KB - Virtual size: 322KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ