dd54a875135655bbc28c77e2f5263ab0N

Sharing

Copy URL Twitter E-mail

General

Target

dd54a875135655bbc28c77e2f5263ab0N
Size

4.1MB
MD5

dd54a875135655bbc28c77e2f5263ab0
SHA1

ef5f158de32a5a6f3c7bed888ee4d5340da9d1f6
SHA256

ab8a2b9b162636309031ac810d2f605bbb4deab7171d12522090f7cbb6a81f7c
SHA512

6e190c1b888873a159a951d03ce7377f0cb85775cfe9da64060196572b996c62b139444780f372966635b0dd4359ec64dc75d658335f44b2e0b2eadac2f470e2
SSDEEP

49152:8ecmeHgCmNLW+m+8KtV10AnKn7436gyUmgzwk8dMqJzOU1J8dP3eGNlznUgznChi:jEA3NL7VWWaMqJzOhZl+GU1K2PHi+Wr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd54a875135655bbc28c77e2f5263ab0N

Files

dd54a875135655bbc28c77e2f5263ab0N
.dll windows:6 windows x64 arch:x64

fd9d0e19cf95440cf72b0992f8098260

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/var/tmp/build/firefox-5436ef3f20dd/obj-x86_64-w64-mingw32/media/ffvpx/libavcodec/mozavcodec.pdb

Imports

mozavutil

av_bprint_chars
av_bprint_finalize
av_bprint_init
av_bprint_init_for_buffer
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_is_writable
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_describe
av_channel_layout_from_mask
av_channel_layout_uninit
av_chroma_location_enum_to_pos
av_chroma_location_name
av_chroma_location_pos_to_enum
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_content_light_metadata_create_side_data
av_cpu_count
av_crc
av_crc_get_table
av_default_item_name
av_dict_iterate
av_dict_set
av_dynarray_add_nofree
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_unref
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_cpu_flags
av_get_media_type_string
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_get_token
av_hwdevice_get_type_name
av_hwframe_ctx_alloc
av_hwframe_ctx_init
av_hwframe_get_buffer
av_image_check_sar
av_image_check_size2
av_image_fill_arrays
av_image_fill_linesizes
av_image_fill_plane_sizes
av_image_get_buffer_size
av_log
av_log_get_level
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_create_side_data
av_match_list
av_memcpy_backptr
av_memdup
av_opt_copy
av_opt_free
av_opt_next
av_opt_set
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_from_string
av_opt_set_int
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale_q
av_sample_fmt_is_planar
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_strerror
av_strtok
av_video_enc_params_create_side_data
av_vlog
avpriv_emms_asm
avpriv_request_sample
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free

api-ms-win-crt-heap-l1-1-0

_aligned_free
_aligned_malloc
_set_new_mode
calloc
free
malloc
realloc

api-ms-win-crt-math-l1-1-0

__setusermatherr
frexp

api-ms-win-crt-private-l1-1-0

memcmp
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_beginthreadex
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort
strerror

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
_write
fputc
fwrite

api-ms-win-crt-string-l1-1-0

memset
strcmp
strlen
strncmp
wcslen

api-ms-win-crt-utility-l1-1-0

bsearch
rand_s

kernel32

AcquireSRWLockExclusive
CloseHandle
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentThread
GetLastError
GetModuleHandleW
GetProcAddress
GetThreadGroupAffinity
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeCriticalSection
InitializeSRWLock
IsProcessorFeaturePresent
LeaveCriticalSection
ReleaseSRWLockExclusive
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-convert-l1-1-0

mbrtowc
wcrtomb

Exports

Exports

av_codec_ffversion
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_fast_padded_malloc
av_fast_padded_mallocz
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_init_packet
av_new_packet
av_packet_copy_props
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_unpack_dictionary
av_packet_unref
av_parser_close
av_parser_init
av_parser_parse2
av_rdft_calc
av_rdft_end
av_rdft_init
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_decode_subtitle2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_class
avcodec_get_hw_config
avcodec_get_name
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_receive_frame
avcodec_send_packet
avcodec_string
avcodec_version
avsubtitle_free
ff_init_vlc_from_lengths
ff_init_vlc_sparse
ff_mpa_bitrate_tab
ff_mpa_freq_tab

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 149B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd9d0e19cf95440cf72b0992f8098260

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mozavutil

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

kernel32

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-convert-l1-1-0

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 395KB - Virtual size: 394KB

.buildid Size: 512B - Virtual size: 149B

.data Size: 3KB - Virtual size: 1.0MB

.pdata Size: 34KB - Virtual size: 34KB

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 395KB - Virtual size: 394KB

.buildid
Size: 512B - Virtual size: 149B

.data
Size: 3KB - Virtual size: 1.0MB

.pdata
Size: 34KB - Virtual size: 34KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB