b48a87c141fe98afc39dff379970a782a619ecca96968686d414f401b8ad9add

Sharing

Copy URL Twitter E-mail

General

Target

b48a87c141fe98afc39dff379970a782a619ecca96968686d414f401b8ad9add
Size

331KB
MD5

5cd64040edbc5be1a425b5454abecd2d
SHA1

7a7b6835c202aca0001d26a24287bedc5317f73e
SHA256

b48a87c141fe98afc39dff379970a782a619ecca96968686d414f401b8ad9add
SHA512

5882e1635d7e403543ef5036c54296ab367d1cd8e09496e5c0ea2f44743136bedbc42dc66198e5fa4e63c9b7f2634e8ff1b5f7bdf672f1fcf5cd1268f7ad0e4d
SSDEEP

6144:SRUn3zYkkp0AerlbelM3T31Gd4o149mv4xb647D2ehoTlKGUZbs5V0+KlA:JnrAKl3ZGd2mg44n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b48a87c141fe98afc39dff379970a782a619ecca96968686d414f401b8ad9add

Files

b48a87c141fe98afc39dff379970a782a619ecca96968686d414f401b8ad9add
.dll windows:6 windows x64 arch:x64

0791fe0d59f4aadd0e92888707f8443e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Imports

libvlccore

config_ChainParse
picture_Copy
picture_Destroy
picture_pool_Get
picture_pool_NewFromFormat
picture_pool_Release
var_Inherit
vlc_frame_Alloc
vlc_frame_Release
vlc_object_Log
vlc_tick_sleep

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_aligned_free
_aligned_malloc
_amsg_exit
_assert
_beginthreadex
_errno
_initterm
_lock
_unlock
_wassert
_wfopen_s
_write
abort
calloc
fclose
fflush
fgetws
fputc
free
fwrite
getenv
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
realloc
strcmp
strerror
strlen
strncmp
swscanf_s
vfprintf
wcscat
wcschr
wcscpy
wcscspn
wcslen
wcsrchr
wcsstr
wcstoul

kernel32

AcquireSRWLockExclusive
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileW
FindNextFileW
FlsAlloc
FlsGetValue
FlsSetValue
FreeLibrary
GetCurrentProcess
GetCurrentThreadId
GetFileAttributesW
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetThreadId
InitOnceExecuteOnce
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSRWLockExclusive
RtlLookupFunctionEntry
RtlRestoreContext
RtlUnwindEx
RtlVirtualUnwind
SetThreadErrorMode
Sleep
SleepConditionVariableSRW
SwitchToThread
TerminateProcess
TlsGetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte

advapi32

RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

ole32

StringFromGUID2

Exports

Exports

vlc_entry
vlc_entry_api_version
vlc_entry_copyright
vlc_entry_license

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0791fe0d59f4aadd0e92888707f8443e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libvlccore

msvcrt

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 244KB - Virtual size: 244KB

.rdata Size: 68KB - Virtual size: 67KB

.buildid Size: 512B - Virtual size: 53B

.data Size: 512B - Virtual size: 3KB

.pdata Size: 10KB - Virtual size: 10KB

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 3KB - Virtual size: 3KB

/4 Size: 512B - Virtual size: 28B

.text
Size: 244KB - Virtual size: 244KB

.rdata
Size: 68KB - Virtual size: 67KB

.buildid
Size: 512B - Virtual size: 53B

.data
Size: 512B - Virtual size: 3KB

.pdata
Size: 10KB - Virtual size: 10KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 3KB - Virtual size: 3KB

/4
Size: 512B - Virtual size: 28B