f2d15eceb9c24d25fe22b83f1ac331c64a02c0abf5c30a7a1597648aa5f6189f

Sharing

Copy URL Twitter E-mail

General

Target

f2d15eceb9c24d25fe22b83f1ac331c64a02c0abf5c30a7a1597648aa5f6189f
Size

886KB
MD5

c0cb3449050ffce91943c0f3e6d55736
SHA1

41232d4a3ad97f5c6e90ed7f54dd0aef9fb8f2da
SHA256

f2d15eceb9c24d25fe22b83f1ac331c64a02c0abf5c30a7a1597648aa5f6189f
SHA512

7afe9ec680df6b3dc7fe9ad984bca9245534be2ad10c1f0348acb4a1c48003803a2ef4b6af34db30490fe3a979f7761fb4110c2f22cd2170cb0e7336fcceba66
SSDEEP

24576:VD08MMU14H8+tNfmu3nWsYs5m9UONJ4V4qPOrcwAIjNN:Vkt+tP3nWsYs5m9UONJ4V4qfEjNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2d15eceb9c24d25fe22b83f1ac331c64a02c0abf5c30a7a1597648aa5f6189f

Files

f2d15eceb9c24d25fe22b83f1ac331c64a02c0abf5c30a7a1597648aa5f6189f
.exe windows:5 windows x86 arch:x86

5e685eefe0ef9a2c0dceb150398efeaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\wenhm\CWorkSpace\huduntech.com\video_converter\Qsv2Flv\Release\Qsv2Flv.pdb

Imports

kernel32

GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetEvent
CreateEventW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeCriticalSection
QueryPerformanceCounter
InitializeSListHead
GlobalFindAtomW
GlobalAddAtomW
TlsFree
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetFilePointerEx
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetStdHandle
MoveFileExW
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
GetTimeZoneInformation
PeekNamedPipe
GetDriveTypeW
GetModuleHandleExW
ExitProcess
GetConsoleCP
ReadConsoleW
RtlUnwind
LockFileEx
AllocConsole
GetFileType
WriteConsoleW
GetConsoleMode
GetStdHandle
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
SwitchToThread
GetCPInfo
LCMapStringW
GetStringTypeW
GetSystemDirectoryW
EncodePointer
TlsSetValue
TlsGetValue
SetEnvironmentVariableW
TlsAlloc
LoadLibraryA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
SetErrorMode
FormatMessageW
LocalFree
GlobalUnlock
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
LoadLibraryExW
FreeLibrary
GetCurrentThread
LoadLibraryW
GetModuleHandleA
SetLastError
OutputDebugStringA
GetACP
GetProcAddress
GetExitCodeProcess
GlobalFree
GlobalAlloc
OutputDebugStringW
GetVersionExW
GetFileTime
GetFileSize
CreateFileW
FindClose
SetFilePointer
WriteFile
FindFirstFileW
ReadFile
MoveFileW
GetModuleHandleW
GetCurrentProcessId
FindResourceW
LoadResource
DeleteFileW
LockResource
SizeofResource
CreateDirectoryA
InterlockedIncrement
GetSystemTimeAsFileTime
WideCharToMultiByte
CreateSemaphoreW
CloseHandle
Sleep
MultiByteToWideChar
SetCurrentDirectoryA
GetCurrentDirectoryA
GetCurrentThreadId
WaitForSingleObject
LeaveCriticalSection
GetModuleFileNameW
ReleaseSemaphore
EnterCriticalSection
GetModuleFileNameA
CreateDirectoryW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetCommandLineW
GetStartupInfoW
VirtualQuery

user32

DestroyMenu
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
ClientToScreen
GetWindowThreadProcessId
SetCursor
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetClientRect
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetWindowTextW
IsWindowEnabled
SetRectEmpty
OffsetRect
GetParent
PostMessageW
PostQuitMessage
GetSubMenu
GetMenuItemID
GetMenuItemCount
CharUpperW
GetSystemMetrics
SendMessageW
GetScrollPos
GetWindowTextW
GetWindowLongW
GetWindow
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
DestroyWindow
SetWindowPos
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetDlgItem
GetDlgCtrlID
GetFocus
GetKeyState
GetCapture
EnableWindow
GetMenu
SetMenu

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
ExtTextOutW
TextOutW
SetMapMode
SelectObject
SaveDC
RestoreDC
RectVisible
GetDeviceCaps
SetBkColor
SetTextColor
CreateBitmap
DeleteObject
DeleteDC
Escape
GetClipBox
GetStockObject
PtVisible

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteValueW
ReportEventW
GetTokenInformation
DeregisterEventSource
CopySid
OpenProcessToken
GetLengthSid
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegisterEventSourceW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFileExistsW

ole32

CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
SysFreeString

ws2_32

send
connect
WSAStartup
recv
htonl
htons
setsockopt
WSAGetLastError
WSASocketW
WSAStringToAddressW
gethostname
shutdown
gethostbyname
closesocket
WSACleanup

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 652KB - Virtual size: 651KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LogShare
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e685eefe0ef9a2c0dceb150398efeaf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

ws2_32

oleacc

Sections

.text Size: 652KB - Virtual size: 651KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 28KB - Virtual size: 45KB

.gfids Size: 5KB - Virtual size: 4KB

.giats Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 9B

LogShare Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 38KB - Virtual size: 38KB

.text
Size: 652KB - Virtual size: 651KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 28KB - Virtual size: 45KB

.gfids
Size: 5KB - Virtual size: 4KB

.giats
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

LogShare
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 38KB - Virtual size: 38KB