70fcc6eb8e72593ff177bec22bd28cb5b381fa4f1083b1a5792188295fec5eeb

Sharing

Copy URL

Twitter E-mail

General

Target

70fcc6eb8e72593ff177bec22bd28cb5b381fa4f1083b1a5792188295fec5eeb
Size

4.4MB
MD5

682f4a6d5a2d87decbea968d45c432ae
SHA1

f44276fcb316f7d7c0ec658f8a31ebb2759f0949
SHA256

70fcc6eb8e72593ff177bec22bd28cb5b381fa4f1083b1a5792188295fec5eeb
SHA512

d8a26da4e1f25dbd2433a23e4d749fa1d042923fe4d3bb218e3a635f70e54a2fcd13e5e60fe284c11562986018bd340f19ca8f7d62f0c45a27d53887fd3639fe
SSDEEP

49152:Qtno2j9UU6Kikt99RTpodh6+261TTW9L63DfrhvrmkBQIV/54Sn/MLROBJ6NoaSV:uB+261TTW9Lsfr/DBVXBLpFnIO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70fcc6eb8e72593ff177bec22bd28cb5b381fa4f1083b1a5792188295fec5eeb

Files

70fcc6eb8e72593ff177bec22bd28cb5b381fa4f1083b1a5792188295fec5eeb
.dll windows:6 windows x64 arch:x64

98f099bead53fd346c8952f37393bbfa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Projects\_Projects\CustomDevelopment\FFMPEGEncoder\FFmpegSink3\FFmpegSink-main\ffmpeg-build\ffmpeg\libavfilter\avfilter-7.pdb

Imports

swscale-5

sws_freeContext
sws_get_class
sws_getColorspaceDetails
sws_setColorspaceDetails
sws_init_context
sws_alloc_context
sws_isSupportedEndiannessConversion
sws_isSupportedOutput
sws_isSupportedInput
sws_getCoefficients
sws_scale
sws_getContext

avformat-58

avformat_match_stream_specifier
av_seek_frame
av_find_best_stream
avformat_close_input
av_read_frame
avformat_find_stream_info
avformat_open_input
av_find_input_format
avio_write
avio_closep
avio_open
avio_get_str
avio_rl32
avio_read
avio_size
av_fopen_utf8
avio_seek

avcodec-58

av_fft_end
avpriv_init_elbg
avpriv_do_elbg
av_dct_end
av_dct_calc
av_dct_init
avcodec_flush_buffers
avcodec_receive_frame
avcodec_send_packet
avcodec_open2
avcodec_parameters_to_context
avcodec_free_context
avcodec_alloc_context3
avcodec_find_decoder
av_packet_unref
av_rdft_end
av_fft_init
av_fft_permute
av_fft_calc
av_rdft_init
av_rdft_calc

swresample-3

swr_alloc
swr_set_matrix
swr_set_channel_mapping
swr_get_delay
swr_next_pts
swr_convert
swr_free
swr_alloc_set_opts
swr_init
swr_get_class

avutil-56

av_get_padded_bits_per_pixel
av_color_range_name
av_color_primaries_name
av_color_transfer_name
av_color_space_name
av_image_fill_max_pixsteps
av_log_get_level
av_bprint_clear
av_pixelutils_get_sad_fn
av_get_bits_per_pixel
av_stereo3d_create_side_data
av_gcd
av_expr_count_func
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_hwdevice_find_type_by_name
av_hwdevice_ctx_create_derived
av_hwframe_map
av_hwframe_ctx_create_derived
av_hwdevice_get_hwframe_constraints
av_hwframe_constraints_free
av_hwdevice_ctx_create
av_strcasecmp
av_compare_ts
av_frame_unref
av_read_image_line2
av_write_image_line2
av_video_enc_params_create_side_data
av_expr_count_vars
av_opt_eval_flags
av_parse_video_size
av_display_rotation_get
av_spherical_tile_bounds
av_stereo3d_type_name
av_timecode_make_smpte_tc_string2
av_timecode_make_mpeg_tc_string
av_image_check_size
av_rescale_rnd
av_get_cpu_flags
av_get_planar_sample_fmt
av_image_check_size2
av_find_best_pix_fmt_of_2
av_pix_fmt_desc_get
av_realloc
av_opt_next
av_opt_find2
av_opt_find
av_opt_get_key_value
av_opt_set_dict2
av_opt_set_dict
av_opt_set_defaults
av_image_copy
av_buffer_unref
av_strlcatf
av_strerror
av_get_media_type_string
av_parse_video_rate
avpriv_vga16_font
av_gettime_relative
av_get_pix_fmt_name
av_div_q
av_mul_q
av_buffer_allocz
av_get_random_seed
av_lfg_init
av_fast_realloc
av_frame_remove_side_data
av_frame_get_side_data
av_opt_free
av_frame_get_plane_buffer
av_buffer_ref
av_opt_set_from_string
av_reduce
av_frame_get_buffer
av_frame_alloc
av_get_extended_channel_layout
av_get_channel_name
av_get_channel_layout_channel_index
av_channel_layout_extract_channel
av_dict_set
av_opt_set_sample_fmt
av_realloc_array
av_adler32_update
av_samples_copy
av_tx_uninit
av_tx_init
av_opt_get_sample_fmt
av_opt_get_int
av_opt_set_int
av_opt_set
av_dict_free
av_dict_get
av_parse_color
av_get_packed_sample_fmt
av_strtod
av_sample_fmt_is_planar
av_get_sample_fmt_name
av_mallocz_array
av_mallocz
av_malloc
av_bprint_channel_layout
av_bprintf
av_bprint_init
av_audio_fifo_read
av_get_sample_fmt
av_get_channel_layout
avpriv_cga_font
av_frame_clone
avpriv_emms_asm
av_samples_alloc_array_and_samples
av_samples_set_silence
av_get_bytes_per_sample
av_malloc_array
av_audio_fifo_size
av_audio_fifo_drain
av_audio_fifo_peek
av_audio_fifo_write
av_audio_fifo_alloc
av_audio_fifo_free
av_rescale_q
av_fast_malloc
av_calloc
avpriv_float_dsp_alloc
av_sscanf
av_asprintf
av_frame_copy
av_frame_is_writable
av_frame_copy_props
av_frame_free
av_expr_free
av_expr_eval
av_expr_parse
av_get_default_channel_layout
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_strtok
av_rescale
av_log
av_dynarray2_add
av_strdup
av_freep
av_free
av_realloc_f
av_default_item_name
av_frame_new_side_data_from_buf
av_frame_new_side_data
av_buffer_alloc
av_rescale_q_rnd
av_hwframe_get_buffer
av_hwframe_ctx_init
av_hwframe_ctx_alloc
avpriv_slicethread_free
avpriv_slicethread_execute
avpriv_slicethread_create
av_frame_ref
av_bprint_finalize
av_gcd_q
av_samples_get_buffer_size
avpriv_report_missing_feature
avpriv_set_systematic_pal2
av_buffer_pool_get
av_buffer_pool_uninit
av_buffer_pool_init
av_get_pix_fmt
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_parse_time
av_parse_ratio
av_file_unmap
av_file_map
av_bprint_chars
av_get_token
av_strlcpy
av_d2q
av_pix_fmt_count_planes
av_get_picture_type_char
av_vlog
av_audio_fifo_peek_at
av_usleep
av_gettime
av_dict_set_int
av_image_copy_plane
av_image_fill_linesizes
av_image_get_linesize
av_frame_make_writable
av_memdup
av_expr_parse_and_eval
av_frame_move_ref
av_image_alloc

advapi32

RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW

kernel32

GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InitializeSRWLock
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
AcquireSRWLockExclusive
MultiByteToWideChar
FindClose
FindFirstFileW
FindNextFileW
GetCurrentProcess
QueryPerformanceCounter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SwitchToThread
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetModuleHandleExW
FreeLibrary
SetThreadErrorMode
GetFileAttributesW
GetLastError
GetModuleFileNameW

vcruntime140

__current_exception_context
wcschr
memcpy
memmove
memset
strchr
memcmp
strstr
strrchr
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__current_exception
__C_specific_handler
wcsrchr
_purecall
wcsstr
__std_type_info_destroy_list

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

cosf
fmodf
sqrtf
atan2
tan
fminf
powf
cosh
lrint
atan
fmaxf
fmax
log10
asin
acos
cbrt
ceil
hypot
floorf
exp2f
_dclass
fmin
sqrt
log
fmod
roundf
round
exp2
expf
exp
cos
sinf
sin
atanh
asinh
acosh
lrintf
cbrtf
ldexp
logf
ceilf
atan2f
rint
modf
_hypotf
log2
floor
log10f
erf
erff
atanf
tanh
tanhf
llrint
_fdclass
acosf
asinf
tanf
log2f
sinh
llrintf
pow
copysign

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_errno
_crt_at_quick_exit
_cexit
_execute_onexit_table
abort
_initialize_onexit_table
_initialize_narrow_environment
_initterm
_initterm_e
terminate
_seh_filter_dll
_configure_narrow_argv
_crt_atexit

api-ms-win-crt-string-l1-1-0

strcmp
strncmp
wcscpy_s
strcspn
strspn
wcscspn

api-ms-win-crt-stdio-l1-1-0

fopen
__stdio_common_vfprintf
__stdio_common_vfscanf
fgetc
_wfopen_s
__stdio_common_vsscanf
fwrite
fgets
__acrt_iob_func
__stdio_common_vsprintf
fclose
__stdio_common_vswscanf
fgetws

api-ms-win-crt-convert-l1-1-0

strtoll
strtol

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

av_abuffersink_params_alloc
av_buffersink_get_channel_layout
av_buffersink_get_channels
av_buffersink_get_format
av_buffersink_get_frame
av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_get_h
av_buffersink_get_hw_frames_ctx
av_buffersink_get_sample_aspect_ratio
av_buffersink_get_sample_rate
av_buffersink_get_samples
av_buffersink_get_time_base
av_buffersink_get_type
av_buffersink_get_w
av_buffersink_params_alloc
av_buffersink_set_frame_size
av_buffersrc_add_frame
av_buffersrc_add_frame_flags
av_buffersrc_close
av_buffersrc_get_nb_failed_requests
av_buffersrc_parameters_alloc
av_buffersrc_parameters_set
av_buffersrc_write_frame
av_filter_ffversion
av_filter_iterate
avfilter_add_matrix
avfilter_config_links
avfilter_configuration
avfilter_free
avfilter_get_by_name
avfilter_get_class
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_get_filter
avfilter_graph_parse
avfilter_graph_parse2
avfilter_graph_parse_ptr
avfilter_graph_queue_command
avfilter_graph_request_oldest
avfilter_graph_send_command
avfilter_graph_set_auto_convert
avfilter_init_dict
avfilter_init_str
avfilter_inout_alloc
avfilter_inout_free
avfilter_insert_filter
avfilter_license
avfilter_link
avfilter_link_free
avfilter_link_get_channels
avfilter_link_set_closed
avfilter_make_format64_list
avfilter_mul_matrix
avfilter_next
avfilter_pad_count
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_process_command
avfilter_register
avfilter_register_all
avfilter_sub_matrix
avfilter_transform
avfilter_version

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98f099bead53fd346c8952f37393bbfa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

swscale-5

avformat-58

avcodec-58

swresample-3

avutil-56

advapi32

kernel32

vcruntime140

vcruntime140_1

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 64KB - Virtual size: 85KB

.pdata Size: 108KB - Virtual size: 107KB

.idata Size: 19KB - Virtual size: 19KB

.00cfg Size: 512B - Virtual size: 337B

_RDATA Size: 1024B - Virtual size: 610B

.reloc Size: 49KB - Virtual size: 49KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 64KB - Virtual size: 85KB

.pdata
Size: 108KB - Virtual size: 107KB

.idata
Size: 19KB - Virtual size: 19KB

.00cfg
Size: 512B - Virtual size: 337B

_RDATA
Size: 1024B - Virtual size: 610B

.reloc
Size: 49KB - Virtual size: 49KB