82f9b78e82f4f193c3e2cf3cfd6b933df627bb32b36afcf65d6fc6f1f130ef2c

Sharing

Copy URL Twitter E-mail

General

Target

82f9b78e82f4f193c3e2cf3cfd6b933df627bb32b36afcf65d6fc6f1f130ef2c
Size

136KB
MD5

854317c3fe51fddf26843d0a7e0e16af
SHA1

983d114ea01e64a845952d4526db24f08524b96e
SHA256

82f9b78e82f4f193c3e2cf3cfd6b933df627bb32b36afcf65d6fc6f1f130ef2c
SHA512

99e8428300206f6af4fcdd11a38735b7e2f9b07b526d2c7621382a568213708f9b9b43a26a0f83bbdabbf436e6feeedeb456550c2b08c3ca90d4463764c38ea0
SSDEEP

3072:JH9IjvYtggcpE6MatbnxjqxMu6izxiqU3arX:JH9YvGggcrMatzxj+M/izUqUqz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82f9b78e82f4f193c3e2cf3cfd6b933df627bb32b36afcf65d6fc6f1f130ef2c

Files

82f9b78e82f4f193c3e2cf3cfd6b933df627bb32b36afcf65d6fc6f1f130ef2c
.exe windows:5 windows x86 arch:x86

afcca9429f928ddb0773aff59966ee92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\dev\Hauppauge\TVServices\Plugins\CaptureDLNA\CaptureDLNA\Release\CaptureDLNA.pdb

Imports

ws2_32

WSAStartup

kernel32

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
WideCharToMultiByte
Sleep
InitializeCriticalSection
GetCurrentProcessId
TerminateThread
CloseHandle
GetTickCount
SetPriorityClass
MultiByteToWideChar
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetSystemTime
GetCurrentProcess
GetFileTime
CreateFileA
DecodePointer
GetCurrentThreadId
SetEvent
GetModuleHandleA
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
OutputDebugStringA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
SystemTimeToTzSpecificLocalTime

user32

GetMessageA
CharNextA
MessageBoxA
CharNextW
TranslateMessage
CharUpperA
DispatchMessageA
PostThreadMessageA

advapi32

RegQueryValueExA
RegCreateKeyA
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoGetMalloc
CoTaskMemFree
CreateBindCtx
CreateItemMoniker
GetRunningObjectTable
CoAddRefServerProcess
CoReleaseServerProcess
CoInitialize

oleaut32

LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

odbc32

ord75
ord39
ord19
ord43
ord31
ord13
ord12
ord9
ord7
ord24

msvcr110

_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_commode
_fmode
_acmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_ismbblead
_cexit
_exit
__set_app_type
__getmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
_except_handler4_common
?terminate@@YAXXZ
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
_getpid
fclose
fflush
fopen_s
fprintf
_vsnprintf
??3@YAXPAX@Z
__CxxFrameHandler3
memcpy
memset
??2@YAPAXI@Z
printf
_purecall
exit
atoi
toupper
memcpy_s
memmove_s
memmove
_strnicmp
wcscpy_s
wcsstr
_wcsicmp
_vsnwprintf
_endthread
_beginthreadex
sprintf_s
sscanf_s
sprintf
_CxxThrowException
free
wcsncpy_s
strcpy_s
strstr
_fsopen
_mbschr
_mbscmp
_mbsstr
_mbsupr_s
_mbsnbcpy_s
strcat_s
fread
fseek
ftell
??_U@YAPAXI@Z
??_V@YAXPAX@Z
malloc
_resetstkoflw

atl110

ord64
ord61
ord31
ord32
ord58
ord49
ord56
ord17
ord20
ord23
ord67
ord68

msvcp110

?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afcca9429f928ddb0773aff59966ee92

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

odbc32

msvcr110

atl110

msvcp110

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 11KB - Virtual size: 10KB