MpcVideoRenderer64[.]ax

Sharing

Copy URL Twitter E-mail

General

Target

MpcVideoRenderer64.ax
Size

905KB
MD5

436b11c9dfc0d598edd8cc3d85217040
SHA1

e114f4d7431ca37ef50a7dec13bfb8c28872950c
SHA256

ef26e9258a7fffa89c9272913e46b980bd46965da4cd3c5247f652961c22d735
SHA512

62f0c410632c5ef2eec970e533fb3c498a1ac7b7b47051da2f23bc9ec62df00a3821b0da143d2ef421d9c52e8199dd93f4d8b9d7be034686456f454344bc597b
SSDEEP

24576:2NhVpshSMXlc4iIMXHc5oKee2nd05iW+:Q2lK85oK/5D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MpcVideoRenderer64.ax

Files

MpcVideoRenderer64.ax
.dll regsvr32 windows:6 windows x64 arch:x64

632ef7a97f2aad3f5203e80afd3f6af5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

MpcVideoRenderer64.pdb

Imports

kernel32

DeleteCriticalSection
Sleep
LoadLibraryW
GetProcAddress
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemInfo
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
lstrcmpW
CloseHandle
CreateEventW
GetCurrentThreadId
GetCurrentProcess
CreateSemaphoreW
ReleaseSemaphore
VirtualFree
FreeLibrary
lstrlenW
GetModuleFileNameA
lstrlenA
DisableThreadLibraryCalls
CreateThread
GetThreadPriority
GetCurrentThread
SetThreadPriority
HeapCreate
VirtualProtect
HeapFree
Thread32Next
Thread32First
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
HeapReAlloc
HeapAlloc
HeapDestroy
GetThreadContext
GetCurrentProcessId
FlushInstructionCache
SetThreadContext
OpenThread
VirtualQuery
IsDebuggerPresent
OutputDebugStringW
LoadLibraryExA
WriteConsoleW
FlushFileBuffers
SetStdHandle
CreateFileW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
InitializeCriticalSection
FindFirstFileExW
FindClose
GetFileType
GetStdHandle
HeapQueryInformation
HeapSize
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
GetCPInfo
SetEvent
ResetEvent
LocalFree
LocalAlloc
MulDiv
EnterCriticalSection
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
LockResource
SizeofResource
LoadResource
FindResourceW
WaitForMultipleObjects
WaitForSingleObject
GetSystemTimeAsFileTime
LeaveCriticalSection
FindNextFileW
WaitForSingleObjectEx
GetExitCodeThread
GetStringTypeW
EncodePointer

user32

SetWindowLongA
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
SetWindowPos
MonitorFromWindow
EnumDisplaySettingsW
DisplayConfigSetDeviceInfo
ChangeDisplaySettingsExW
GetMonitorInfoW
IntersectRect
IsRectEmpty
CopyRect
SetRect
EqualRect
GetWindowRect
GetDesktopWindow
LoadStringW
DestroyWindow
SetWindowLongW
InvalidateRect
MoveWindow
CreateDialogParamW
PostThreadMessageW
RegisterWindowMessageW
GetQueueStatus
PeekMessageW
MsgWaitForMultipleObjects
InSendMessage
OffsetRect
CreateWindowExW
RegisterClassExW
GetClassInfoExW
SetPropW
GetAncestor
DefWindowProcW
GetWindowLongPtrW
MonitorFromPoint
GetForegroundWindow
RemovePropW
GetPropW
GetDC
UnregisterClassW
SetWindowLongPtrW
SendMessageW
ReleaseDC
GetWindowDC
CallWindowProcW
PostMessageW
GetParent
GetWindowLongW
IsDlgButtonChecked
SetDlgItemTextW
EnableWindow
SetWindowTextW
CheckDlgButton
SendDlgItemMessageW
GetDlgItem
LoadCursorW
SetClassLongPtrW
ShowWindow
SystemParametersInfoA

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueW
RegCreateKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

ole32

CoTaskMemAlloc
StringFromGUID2
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries

oleaut32

OleCreatePropertyFrame

gdi32

GetDeviceCaps
DeleteObject
GetObjectW
GetCurrentObject
CreateFontIndirectW

winmm

timeSetEvent
timeEndPeriod
timeBeginPeriod
timeKillEvent
timeGetTime

d2d1

ord1

dwrite

DWriteCreateFactory

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OpenConfiguration

Sections

.text
Size: 754KB - Virtual size: 753KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

632ef7a97f2aad3f5203e80afd3f6af5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

gdi32

winmm

d2d1

dwrite

Exports

Exports

Sections

.text Size: 754KB - Virtual size: 753KB

.data Size: 9KB - Virtual size: 16KB

.pdata Size: 22KB - Virtual size: 21KB

.idata Size: 8KB - Virtual size: 7KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 754KB - Virtual size: 753KB

.data
Size: 9KB - Virtual size: 16KB

.pdata
Size: 22KB - Virtual size: 21KB

.idata
Size: 8KB - Virtual size: 7KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 5KB - Virtual size: 4KB