700ac056b080433852e1be7beae2212d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

700ac056b080433852e1be7beae2212d_JaffaCakes118
Size

356KB
MD5

700ac056b080433852e1be7beae2212d
SHA1

825cc963faf538dfb2d532a94caee8a54795e9b4
SHA256

426165de64127c39b4b6deab50b03942041b536cb4c21baea2613a0f8b803201
SHA512

180add290b30d5da57c4b4c360fb13e883417e2ba28c65f8b8899f249cda4417b703ca1f1c1170f98dd309c91fa7e2e2ccc17f8b7458e14945648651357c7093
SSDEEP

6144:mYZIuwUk96kADD/TTYJmnqxGeb9RrYCp9qVsMN4WepoijyRmL8U:dIxJQrTYJzGIPrYCTqVbIX/AU

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
700ac056b080433852e1be7beae2212d_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/libvlc.dll
unpack001/libvlccore.dll
unpack001/vlc-cache-gen.exe
unpack001/vlc.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_2

Files

700ac056b080433852e1be7beae2212d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28a099a911237a28521d8b7ea250f089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 107KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

7458f96eb10904198d988c72ce690084

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteObject
GetDIBits
GetObjectA
SelectObject
SetTextColor

kernel32

GetCurrentDirectoryA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
MultiByteToWideChar
SetCurrentDirectoryA
WritePrivateProfileStringA
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

ole32

CoTaskMemFree

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

user32

CallWindowProcA
CharNextA
CloseClipboard
CreateDialogParamA
CreateWindowExA
DestroyIcon
DestroyWindow
DispatchMessageA
DrawFocusRect
DrawTextA
EnableMenuItem
EnableWindow
GetClientRect
GetClipboardData
GetDlgCtrlID
GetDlgItem
GetMessageA
GetSystemMenu
GetWindowLongA
GetWindowRect
GetWindowTextA
IsDialogMessageA
LoadCursorA
LoadIconA
LoadImageA
MapDialogRect
MapWindowPoints
MessageBoxA
OpenClipboard
PostMessageA
PtInRect
SendMessageA
SetCursor
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
ShowWindow
TranslateMessage
wsprintfA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

a4cdec8650dfe0ec28dd3e52e25dae2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

CreateFontIndirectA
DeleteObject
GetDeviceCaps

kernel32

GetACP
GetModuleHandleA
GlobalAlloc
GlobalFree
MulDiv
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

DialogBoxParamA
EndDialog
GetDC
LoadIconA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetWindowTextA
ShowWindow
wsprintfA

Exports

Exports

LangDialog

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

2274cc1534607459cdd304a928601ef9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
GlobalAlloc
lstrlenA
lstrcpynA
GetVersionExA
lstrcmpiA
GetCurrentThreadId
LoadLibraryA
FreeLibrary
GetLastError
GetExitCodeProcess
WaitForSingleObject
DuplicateHandle
Sleep
GetCurrentProcessId
CreateThread
GetCommandLineA
OpenProcess
MultiByteToWideChar
FormatMessageA
LocalFree
GlobalFree
CloseHandle
SetLastError
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA

user32

SendMessageW
DialogBoxParamA
CharNextA
UnhookWindowsHookEx
CallNextHookEx
GetClassNameA
SetWindowsHookExA
SendMessageTimeoutA
WaitForInputIdle
DefWindowProcA
PostMessageA
GetLastActivePopup
PostQuitMessage
SetForegroundWindow
DispatchMessageA
GetMessageA
CreateWindowExA
RegisterClassA
UnregisterClassA
GetWindowTextA
TranslateMessage
IsDialogMessageA
PeekMessageA
MsgWaitForMultipleObjects
IsWindow
GetWindowThreadProcessId
MessageBoxA
SetWindowLongA
LoadImageA
DestroyWindow
GetWindowLongA
EnableWindow
ShowWindow
SetWindowTextA
wsprintfA
GetDlgItem
SendMessageA
LoadStringA
EndDialog

advapi32

RegCloseKey
QueryServiceStatus
OpenServiceA
CloseServiceHandle
OpenSCManagerA
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteExA

ole32

CoInitialize
CoUninitialize

Exports

Exports

Exec
ExecCodeSegment
ExecWait
GetElevationType
GetOuterHwnd
GetShellFolderPath
IsAdmin
RunElevated
ShellExec
ShellExecWait
StackPush
SupportsUAC
Unload

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
libvlc.dll
.dll windows:4 windows x86 arch:x86

8511b434f6fe49368880f94972294b00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

VLC_Compiler
VLC_Version
aout_SetMute
aout_ToggleMute
aout_VolumeGet
aout_VolumeSet
config_FindConfig
config_GetUserDir
input_Control
input_Create
input_DetachResource
input_Read
input_Start
input_Stop
input_item_AddOption
input_item_GetDuration
input_item_GetMeta
input_item_GetURI
input_item_IsPreparsed
input_item_NewExt
input_item_SetMeta
input_item_WriteMeta
input_resource_Delete
input_resource_TerminateVout
libvlc_InternalAddIntf
libvlc_InternalCleanup
libvlc_InternalCreate
libvlc_InternalDestroy
libvlc_InternalInit
libvlc_InternalWait
make_URI
module_exists
module_get_name
module_get_object
module_list_free
module_list_get
module_provides
msg_Subscribe
msg_Unsubscribe
playlist_AskForArtEnqueue
playlist_Control
playlist_PreparseEnqueue
services_discovery_EventManager
services_discovery_GetLocalizedName
var_AddCallback
var_Change
var_Create
var_DelCallback
var_FreeList
var_Get
var_GetAndSet
var_GetChecked
var_Set
var_SetChecked
var_TriggerCallback
var_Type
vlc_cancel
vlc_clone
vlc_cond_broadcast
vlc_cond_destroy
vlc_cond_init
vlc_cond_signal
vlc_cond_wait
vlc_control_cancel
vlc_event_attach
vlc_event_detach
vlc_gettext
vlc_hold
vlc_join
vlc_mutex_destroy
vlc_mutex_init
vlc_mutex_init_recursive
vlc_mutex_lock
vlc_mutex_unlock
vlc_object_attach
vlc_object_create
vlc_object_find_name
vlc_object_hold
vlc_object_release
vlc_release
vlc_sd_Create
vlc_sd_Destroy
vlc_sd_Start
vlc_sd_Stop
vlc_thread_join
vlc_threadvar_create
vlc_threadvar_delete
vlc_threadvar_get
vlc_threadvar_set
vlm_Control
vlm_Delete
vlm_ExecuteCommand
vlm_New
vout_EnableFilter

kernel32

DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_iob
abort
bsearch
calloc
fflush
fgetc
fputc
free
fwrite
getenv
gmtime
localeconv
localtime
malloc
memchr
memcpy
memmove
realloc
strchr
strcmp
strlen
strpbrk
strspn
toupper
vfprintf
wcslen

Exports

Exports

libvlc_add_intf
libvlc_audio_get_channel
libvlc_audio_get_mute
libvlc_audio_get_track
libvlc_audio_get_track_count
libvlc_audio_get_track_description
libvlc_audio_get_volume
libvlc_audio_output_device_count
libvlc_audio_output_device_id
libvlc_audio_output_device_longname
libvlc_audio_output_device_set
libvlc_audio_output_get_device_type
libvlc_audio_output_list_get
libvlc_audio_output_list_release
libvlc_audio_output_set
libvlc_audio_output_set_device_type
libvlc_audio_set_channel
libvlc_audio_set_mute
libvlc_audio_set_track
libvlc_audio_set_volume
libvlc_audio_toggle_mute
libvlc_clearerr
libvlc_errmsg
libvlc_event_attach
libvlc_event_detach
libvlc_event_manager_new
libvlc_event_manager_register_event_type
libvlc_event_manager_release
libvlc_event_send
libvlc_event_type_name
libvlc_get_changeset
libvlc_get_compiler
libvlc_get_fullscreen
libvlc_get_input_thread
libvlc_get_log_verbosity
libvlc_get_version
libvlc_log_clear
libvlc_log_close
libvlc_log_count
libvlc_log_get_iterator
libvlc_log_iterator_free
libvlc_log_iterator_has_next
libvlc_log_iterator_next
libvlc_log_open
libvlc_media_add_option
libvlc_media_add_option_flag
libvlc_media_discoverer_event_manager
libvlc_media_discoverer_is_running
libvlc_media_discoverer_localized_name
libvlc_media_discoverer_media_list
libvlc_media_discoverer_new_from_name
libvlc_media_discoverer_release
libvlc_media_duplicate
libvlc_media_event_manager
libvlc_media_get_duration
libvlc_media_get_meta
libvlc_media_get_mrl
libvlc_media_get_state
libvlc_media_get_stats
libvlc_media_get_tracks_info
libvlc_media_get_user_data
libvlc_media_is_parsed
libvlc_media_library_load
libvlc_media_library_media_list
libvlc_media_library_new
libvlc_media_library_release
libvlc_media_library_retain
libvlc_media_list_add_file_content
libvlc_media_list_add_media
libvlc_media_list_count
libvlc_media_list_event_manager
libvlc_media_list_index_of_item
libvlc_media_list_insert_media
libvlc_media_list_is_readonly
libvlc_media_list_item_at_index
libvlc_media_list_lock
libvlc_media_list_media
libvlc_media_list_new
libvlc_media_list_player_event_manager
libvlc_media_list_player_get_state
libvlc_media_list_player_is_playing
libvlc_media_list_player_new
libvlc_media_list_player_next
libvlc_media_list_player_pause
libvlc_media_list_player_play
libvlc_media_list_player_play_item
libvlc_media_list_player_play_item_at_index
libvlc_media_list_player_previous
libvlc_media_list_player_release
libvlc_media_list_player_set_media_list
libvlc_media_list_player_set_media_player
libvlc_media_list_player_set_playback_mode
libvlc_media_list_player_stop
libvlc_media_list_release
libvlc_media_list_remove_index
libvlc_media_list_retain
libvlc_media_list_set_media
libvlc_media_list_unlock
libvlc_media_new_as_node
libvlc_media_new_from_input_item
libvlc_media_new_location
libvlc_media_new_path
libvlc_media_parse
libvlc_media_parse_async
libvlc_media_player_can_pause
libvlc_media_player_event_manager
libvlc_media_player_get_agl
libvlc_media_player_get_chapter
libvlc_media_player_get_chapter_count
libvlc_media_player_get_chapter_count_for_title
libvlc_media_player_get_fps
libvlc_media_player_get_hwnd
libvlc_media_player_get_length
libvlc_media_player_get_media
libvlc_media_player_get_nsobject
libvlc_media_player_get_position
libvlc_media_player_get_rate
libvlc_media_player_get_state
libvlc_media_player_get_time
libvlc_media_player_get_title
libvlc_media_player_get_title_count
libvlc_media_player_get_xwindow
libvlc_media_player_has_vout
libvlc_media_player_is_playing
libvlc_media_player_is_seekable
libvlc_media_player_new
libvlc_media_player_new_from_media
libvlc_media_player_next_chapter
libvlc_media_player_next_frame
libvlc_media_player_pause
libvlc_media_player_play
libvlc_media_player_previous_chapter
libvlc_media_player_release
libvlc_media_player_retain
libvlc_media_player_set_agl
libvlc_media_player_set_chapter
libvlc_media_player_set_hwnd
libvlc_media_player_set_media
libvlc_media_player_set_nsobject
libvlc_media_player_set_position
libvlc_media_player_set_rate
libvlc_media_player_set_time
libvlc_media_player_set_title
libvlc_media_player_set_xwindow
libvlc_media_player_stop
libvlc_media_player_will_play
libvlc_media_release
libvlc_media_retain
libvlc_media_save_meta
libvlc_media_set_meta
libvlc_media_set_state
libvlc_media_set_user_data
libvlc_media_subitems
libvlc_new
libvlc_playlist_play
libvlc_printerr
libvlc_release
libvlc_retain
libvlc_set_fullscreen
libvlc_set_log_verbosity
libvlc_toggle_fullscreen
libvlc_toggle_teletext
libvlc_track_description_release
libvlc_video_get_aspect_ratio
libvlc_video_get_chapter_description
libvlc_video_get_crop_geometry
libvlc_video_get_cursor
libvlc_video_get_height
libvlc_video_get_logo_int
libvlc_video_get_marquee_int
libvlc_video_get_marquee_string
libvlc_video_get_scale
libvlc_video_get_size
libvlc_video_get_spu
libvlc_video_get_spu_count
libvlc_video_get_spu_description
libvlc_video_get_teletext
libvlc_video_get_title_description
libvlc_video_get_track
libvlc_video_get_track_count
libvlc_video_get_track_description
libvlc_video_get_width
libvlc_video_set_aspect_ratio
libvlc_video_set_crop_geometry
libvlc_video_set_deinterlace
libvlc_video_set_key_input
libvlc_video_set_logo_int
libvlc_video_set_logo_string
libvlc_video_set_marquee_int
libvlc_video_set_marquee_string
libvlc_video_set_mouse_input
libvlc_video_set_scale
libvlc_video_set_spu
libvlc_video_set_subtitle_file
libvlc_video_set_teletext
libvlc_video_set_track
libvlc_video_take_snapshot
libvlc_vlm_add_broadcast
libvlc_vlm_add_input
libvlc_vlm_add_vod
libvlc_vlm_change_media
libvlc_vlm_del_media
libvlc_vlm_get_event_manager
libvlc_vlm_get_media_instance_length
libvlc_vlm_get_media_instance_position
libvlc_vlm_get_media_instance_rate
libvlc_vlm_get_media_instance_time
libvlc_vlm_pause_media
libvlc_vlm_play_media
libvlc_vlm_release
libvlc_vlm_seek_media
libvlc_vlm_set_enabled
libvlc_vlm_set_input
libvlc_vlm_set_loop
libvlc_vlm_set_mux
libvlc_vlm_set_output
libvlc_vlm_show_media
libvlc_vlm_stop_media
libvlc_vprinterr
libvlc_wait

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 512B - Virtual size: 20B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libvlccore.dll
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1010KB - Virtual size: 1010KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 512B - Virtual size: 24B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vlc-cache-gen.exe
.exe windows:4 windows x86 arch:x86

55c5534b3c15c84ac29afe11f0cde2d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libvlc

libvlc_new
libvlc_release

libvlccore

FromLocale
LocaleFree

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
abort
atexit
fprintf
fputc
free
fwrite
getenv
localeconv
malloc
memcpy
puts
setlocale
signal
strlen
vfprintf
wcslen

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gnu_deb
Size: 512B - Virtual size: 28B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vlc.exe
.exe windows:4 windows x86 arch:x86

5e7b0a2fe07051e2d3410ebb653becbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libvlc

libvlc_add_intf
libvlc_new
libvlc_playlist_play
libvlc_release
libvlc_wait

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetCommandLineA
GetCommandLineW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTime
GetVersionExW
HeapSetInformation
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LocalFree
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
_wfopen
_wremove
abort
atexit
exit
fclose
fflush
fputc
free
fwprintf
fwrite
getenv
localeconv
malloc
memcpy
signal
strlen
swprintf
vfprintf
wcscmp
wcslen

shell32

CommandLineToArgvW
SHGetFolderPathW

user32

MessageBoxW

wininet

FtpPutFileW
InternetCloseHandle
InternetConnectW
InternetOpenW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gnu_deb
Size: 512B - Virtual size: 16B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vlc.exe.manifest

Sharing

General

Malware Config

Signatures

Files

28a099a911237a28521d8b7ea250f089

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

version

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 512B - Virtual size: 140B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 107KB

.idata Size: 5KB - Virtual size: 4KB

.ndata Size: 1024B - Virtual size: 80KB

.rsrc Size: 88KB - Virtual size: 88KB

7458f96eb10904198d988c72ce690084

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 364B

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 8KB

.edata Size: 512B - Virtual size: 112B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 144B

.reloc Size: 1024B - Virtual size: 892B

a4cdec8650dfe0ec28dd3e52e25dae2c

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 28B

.bss Size: - Virtual size: 3KB

.edata Size: 512B - Virtual size: 73B

.idata Size: 1024B - Virtual size: 772B

.rsrc Size: 512B - Virtual size: 340B

.reloc Size: 512B - Virtual size: 248B

2274cc1534607459cdd304a928601ef9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 488B

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 512B - Virtual size: 140B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 107KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 1024B - Virtual size: 80KB

.rsrc
Size: 88KB - Virtual size: 88KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 364B

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 112B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 144B

.reloc
Size: 1024B - Virtual size: 892B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 28B

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 73B

.idata
Size: 1024B - Virtual size: 772B

.rsrc
Size: 512B - Virtual size: 340B

.reloc
Size: 512B - Virtual size: 248B

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 72KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 8KB - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB

.gnu_deb
Size: 512B - Virtual size: 20B

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1010KB - Virtual size: 1010KB

.bss
Size: - Virtual size: 4KB

.edata
Size: 18KB - Virtual size: 17KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 596B

.reloc
Size: 37KB - Virtual size: 36KB

.gnu_deb
Size: 512B - Virtual size: 24B

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 512B - Virtual size: 52B

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.gnu_deb
Size: 512B - Virtual size: 28B

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 40B

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 73KB - Virtual size: 72KB

.gnu_deb
Size: 512B - Virtual size: 16B