bbc2694c946cab03062d72c50d6e756a247069da308e550af835a7736003d488

Sharing

Copy URL Twitter E-mail

General

Target

bbc2694c946cab03062d72c50d6e756a247069da308e550af835a7736003d488
Size

236KB
MD5

237559b9b7dbaedf84f48d65c70b419f
SHA1

5cbe762173662713018c07b5f3fa787895197ee5
SHA256

bbc2694c946cab03062d72c50d6e756a247069da308e550af835a7736003d488
SHA512

85afedd0c56a204f91959b4e01beeb843b0a981babefe8d74d8de07ce159f6e182a83a0c89f47abdab74f8a885547086a64fdcb9cbfd2b5a8d4961bb015d97fe
SSDEEP

6144:Q59+RCl5NrWZoo4S6U8Wo/oi/JfOMBfc6O6j:Qz+oXNRhjoW9Oy1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbc2694c946cab03062d72c50d6e756a247069da308e550af835a7736003d488

Files

bbc2694c946cab03062d72c50d6e756a247069da308e550af835a7736003d488
.dll windows:5 windows x86 arch:x86

382d30e50ed890f5e6025503a8591867

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgpac

gf_m4a_get_config
gf_m4a_write_config
gf_f64_tell
gf_bs_read_data
gf_service_disconnect_ack
gf_service_download_new
gf_dm_sess_process
gf_service_download_update_stats
gf_dm_sess_get_stats
gf_dm_sess_get_cache_name
gf_f64_open
gf_dm_sess_abort
gf_service_download_del
gf_service_connect_ack
gf_service_send_packet
gf_modules_get_option
gf_log_tool_level_on
gf_log_lt
gf_log
gf_service_command
gf_sleep
gf_bs_from_file
gf_f64_seek
gf_bs_get_position
gf_bs_available
gf_bs_read_u8
gf_bs_read_int
gf_bs_read_u16
gf_bs_seek
gf_bs_skip_bytes
gf_odf_desc_new
gf_list_add
gf_service_declare_media
gf_odf_desc_esd_new
gf_bs_new
gf_bs_write_int
gf_bs_align
gf_bs_get_content
gf_bs_del
gf_service_check_mime_register
gf_service_register_mime

msvcr100

atof
_strnicmp
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
qsort
_CIlog
_CIcos
_CIsin
_CIsqrt
memmove
_CIpow
sscanf
_gmtime64
_time64
strrchr
memset
free
malloc
_strdup
realloc
memcpy
fclose
strchr
strstr

kernel32

IsDebuggerPresent
DecodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsProcessorFeaturePresent
EncodePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

LoadInterface
QueryInterfaces
ShutdownInterface

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

382d30e50ed890f5e6025503a8591867

Headers

DLL Characteristics

File Characteristics

Imports

libgpac

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 10KB - Virtual size: 10KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 10KB - Virtual size: 10KB

.reloc
Size: 3KB - Virtual size: 3KB