e1a6e162bd847bc11d7046af80002dba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1a6e162bd847bc11d7046af80002dba_JaffaCakes118
Size

17.0MB
MD5

e1a6e162bd847bc11d7046af80002dba
SHA1

d2393210743fc95bf01a6de17815fbfbde61728a
SHA256

29d25a17669c7ff733af26043508f026b532c17f322269b2e4f4fa21a989b755
SHA512

3a602ff28e83d065b76ab4e6071dcb6d35acbff2764e190ed263aa4e12b0844802fbcfa1c84046bc3c241d80f54f5e6a8fca4880a3b4fc711f1e742c5d8d0834
SSDEEP

196608:u35DUJDUcfYmyeu2KrZgeWsLLGEikgrZIlFajZtQzSRiVsZDLZ2SRpPPrtVaoP:y+ULCLjIykIig92SRpXr5P

Score

1^/10

Malware Config

Signatures

Files

e1a6e162bd847bc11d7046af80002dba_JaffaCakes118
.dll windows:6 windows x86 arch:x86

91ab340b1fc318114634f9af3986b820

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0e:c7:89:17:b2:30:2a:52:2b:d5:c9:eb:12:4a:6c:c7
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

05/07/2019, 00:00

Not After

07/07/2020, 12:00

Subject

CN=Shenzhen Thinksky Technology Co.\,Ltd,OU=R&D Dept.,O=Shenzhen Thinksky Technology Co.\,Ltd,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:35:d4:a4:de:d0:85:ce:eb:9c:f8:15:90:48:21:4d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/07/2019, 00:00

Not After

07/07/2020, 12:00

Subject

CN=Shenzhen Thinksky Technology Co.\,Ltd,OU=R&D Dept.,O=Shenzhen Thinksky Technology Co.\,Ltd,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:7c:3b:d7:30:12:aa:c1:7f:a4:6a:46:b6:be:2f:1c:0a:8d:68:c4:db:49:9d:a3:7f:54:ff:8f:6f:30:e1:ee
Signer

Actual PE Digest

6c:7c:3b:d7:30:12:aa:c1:7f:a4:6a:46:b6:be:2f:1c:0a:8d:68:c4:db:49:9d:a3:7f:54:ff:8f:6f:30:e1:ee

Digest Algorithm

sha256

PE Digest Matches

true

86:98:cb:84:5c:7d:ed:48:ac:15:04:53:c3:dc:fb:6c:99:5e:29:64
Signer

Actual PE Digest

86:98:cb:84:5c:7d:ed:48:ac:15:04:53:c3:dc:fb:6c:99:5e:29:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\OpenSource\msvc\lib\x86\avcodec.pdb

Imports

avutil

av_chroma_location_name
avpriv_snprintf
av_mallocz
av_opt_set_defaults
av_malloc
av_malloc_array
av_realloc
av_free
av_freep
av_get_cpu_flags
avpriv_slicethread_free
avpriv_slicethread_execute
avpriv_slicethread_create
av_cpu_count
av_display_rotation_get
av_fifo_drain
av_fifo_realloc2
av_fifo_alloc_array
av_strtod
av_vlog
av_fifo_generic_write
av_fifo_generic_read
av_fifo_space
av_fifo_size
av_fifo_freep
av_fifo_alloc
av_usleep
av_image_fill_black
av_rescale
av_vbprintf
av_parse_color
av_strcasecmp
av_stristr
av_strncasecmp
av_opt_get_int
av_opt_set_int
av_audio_fifo_size
av_audio_fifo_drain
av_audio_fifo_read
av_audio_fifo_write
av_audio_fifo_alloc
av_audio_fifo_free
av_timecode_init_from_string
av_timecode_adjust_ntsc_framenum2
av_nearer_q
av_timecode_make_mpeg_tc_string
av_bprint_append_data
av_dynarray_add
av_crc_init
av_content_light_metadata_create_side_data
av_frame_new_side_data_from_buf
av_display_matrix_flip
av_display_rotation_set
av_buffer_get_ref_count
av_frame_make_writable
av_md5_final
av_md5_update
av_md5_init
av_md5_alloc
avpriv_get_trc_function_from_trc
av_d2q
av_fast_mallocz
av_lzo1x_decode
av_calloc
av_image_copy_plane
av_stereo3d_alloc
av_strerror
av_bmg_get
av_strlcpy
av_bprint_chars
av_asprintf
avpriv_get_gamma_from_trc
av_mastering_display_metadata_create_side_data
av_stereo3d_create_side_data
av_image_get_linesize
av_bprint_get_buffer
avpriv_vga16_font
avpriv_cga_font
av_frame_clone
avpriv_scalarproduct_float_c
av_get_default_channel_layout
av_downmix_info_update_side_data
av_crc
av_crc_get_table
av_get_channel_layout_channel_index
av_lfg_init_from_data
avpriv_alloc_fixed_dsp
avpriv_float_dsp_alloc
av_lfg_init
av_expr_free
av_expr_eval
av_expr_parse
av_buffer_make_writable
av_frame_set_qp_table
av_memdup
av_fast_malloc
av_memcpy_backptr
avpriv_solve_lls
avpriv_init_lls
av_image_check_size
avpriv_report_missing_feature
av_get_picture_type_char
av_reallocp_array
av_reallocp
avpriv_request_sample
av_opt_set_dict
avpriv_strtod
av_color_space_name
av_color_transfer_name
av_color_primaries_name
av_color_range_name
av_get_bits_per_pixel
av_frame_ref
av_get_colorspace_name
av_samples_fill_arrays
av_get_bytes_per_sample
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_get_channel_layout_string
av_match_list
av_strlcatf
av_strlcat
av_fourcc_make_string
av_gcd
av_reduce
av_dict_copy
av_log_get_level
av_get_media_type_string
av_fast_realloc
av_opt_copy
av_opt_set
av_opt_set_defaults2
av_image_fill_max_pixsteps
av_find_best_pix_fmt_of_2
av_get_pix_fmt_loss
av_frame_get_side_data
av_frame_get_buffer
av_samples_set_silence
av_div_q
av_pix_fmt_get_chroma_sub_sample
av_get_channel_layout_nb_channels
av_image_check_sar
av_image_check_size2
av_image_fill_pointers
av_image_fill_linesizes
av_get_pix_fmt_name
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_hwframe_get_buffer
av_hwframe_ctx_init
av_hwframe_ctx_alloc
av_hwdevice_get_type_name
av_frame_apply_cropping
av_frame_new_side_data
av_frame_copy_props
av_frame_copy
av_frame_is_writable
av_frame_move_ref
av_frame_unref
av_frame_free
av_frame_alloc
av_samples_copy
av_samples_get_buffer_size
av_sample_fmt_is_planar
av_buffer_pool_get
av_buffer_pool_uninit
av_buffer_pool_init
av_buffer_allocz
av_bprint_clear
av_get_token
avpriv_set_systematic_pal2
av_mul_q
av_realloc_array
av_mallocz_array
av_bprint_finalize
av_bprintf
av_bprint_init
av_strtok
av_opt_set_dict2
av_opt_free
av_dict_free
av_dict_parse_string
av_dynarray_add_nofree
av_strdup
av_default_item_name
av_opt_next
av_opt_set_from_string
av_realloc_f
av_image_copy_to_buffer
av_image_get_buffer_size
av_image_fill_arrays
av_image_copy
av_image_alloc
av_buffer_realloc
av_buffer_is_writable
av_buffer_unref
av_buffer_ref
av_buffer_default_free
av_buffer_create
av_buffer_alloc
av_rescale_q
av_dict_set
av_dict_get
av_log

swresample

swr_free
swr_close
swr_convert
swr_is_initialized
swr_init
swr_alloc

kernel32

DeleteCriticalSection
GetSystemInfo
CreateThread
LoadLibraryA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
Sleep
InitializeCriticalSection
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
GetThreadPriority
LoadLibraryW
FreeLibrary
GetModuleHandleW
CreateSemaphoreW
CreateEventW
WaitForSingleObject
ReleaseSemaphore
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
GetProcessAffinityMask
GetProcAddress
SetThreadPriority
GetCurrentThread
WriteConsoleW
GetConsoleMode
GetStdHandle
InterlockedCompareExchange
InterlockedExchange
GetACP
CloseHandle
MultiByteToWideChar
WaitForSingleObjectEx
ReleaseMutex
WakeConditionVariable
SleepConditionVariableSRW
WakeAllConditionVariable
InitializeConditionVariable
InitializeSRWLock
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitOnceComplete
InitOnceBeginInitialize

ole32

CoTaskMemFree

msvcr120

_dtest
__libm_sse2_exp
sprintf_s
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_log10
__libm_sse2_log
_CxxThrowException
fscanf
feof
__RTDynamicCast
??_U@YAPAXI@Z
??_V@YAXPAX@Z
ftell
_aligned_malloc
_aligned_free
fgets
__CxxFrameHandler3
fflush
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
strpbrk
rewind
fputs
fputc
_vsnprintf_s
fwrite
_ftime64
_wrename
_wunlink
_vacopy
_wfopen
_vscprintf
_vsnprintf
vfprintf
strtod
strtok_s
strtok
_strnicmp
_stricmp
isdigit
_ftelli64
_fseeki64
fprintf
__iob_func
calloc
setlocale
strrchr
sprintf
fgetc
malloc
_beginthreadex
_wsopen
_sopen
free
rint
strncpy
_wassert
qsort
atoi
_CIcosh
_fdclass
frexp
llrint
_time64
_localtime64
strftime
round
log2
strspn
strtoul
fseek
fread
fopen
fclose
ldexp
strcspn
memchr
_libm_sse2_log10_precise
truncf
exp2f
exp2
roundf
cbrt
_libm_sse2_atan_precise
_CIatan2
_hypot
log2f
cbrtf
floor
ceil
_libm_sse2_log_precise
_libm_sse2_exp_precise
_dclass
sscanf
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
_libm_sse2_tan_precise
_libm_sse2_cos_precise
lrint
lrintf
_libm_sse2_sin_precise
memmove
strtol
_errno
fgetpos
fsetpos
setvbuf
ungetc
_lock_file
_unlock_file
memcpy_s
??0bad_cast@std@@QAE@PBD@Z
_stat64i32
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
vsprintf
tolower
exit
realloc
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except1
__CppXcptFilter
_amsg_exit
_fileno
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__clean_type_info_names_internal
_except_handler4_common
_fdopen
_strdup
_fstat64
strncmp
strchr
memset
abort
memcpy
strstr
bsearch

msvcp120

?_Syserror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_BADOFF@std@@3_JB
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAPBDH@Z

Exports

Exports

av_ac3_parse_header
av_adts_header_parse
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_next
av_bsf_receive_packet
av_bsf_send_packet
av_codec_ffversion
av_codec_get_chroma_intra_matrix
av_codec_get_codec_descriptor
av_codec_get_codec_properties
av_codec_get_lowres
av_codec_get_max_lowres
av_codec_get_pkt_timebase
av_codec_get_seek_preroll
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_codec_next
av_codec_set_chroma_intra_matrix
av_codec_set_codec_descriptor
av_codec_set_lowres
av_codec_set_pkt_timebase
av_codec_set_seek_preroll
av_copy_packet
av_copy_packet_side_data
av_cpb_properties_alloc
av_d3d11va_alloc_context
av_dct_calc
av_dct_end
av_dct_init
av_dirac_parse_sequence_header
av_dup_packet
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_fast_padded_malloc
av_fast_padded_mallocz
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_fopen_utf8
av_free_packet
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_codec_tag_string
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_jni_get_java_vm
av_jni_set_java_vm
av_lockmgr_register
av_mdct_calc
av_mdct_end
av_mdct_init
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_make_writable
av_packet_merge_side_data
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_split_side_data
av_packet_unpack_dictionary
av_packet_unref
av_parser_change
av_parser_close
av_parser_init
av_parser_iterate
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_qsv_alloc_context
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_dct_alloc
avcodec_dct_get_class
avcodec_dct_init
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video2
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt2
avcodec_find_best_pix_fmt_of_2
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_chroma_sub_sample
avcodec_get_class
avcodec_get_context_defaults3
avcodec_get_frame_class
avcodec_get_hw_config
avcodec_get_hw_frames_parameters
avcodec_get_name
avcodec_get_pix_fmt_loss
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_profile_name
avcodec_receive_frame
avcodec_receive_packet
avcodec_register
avcodec_register_all
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avpicture_alloc
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_align_put_bits
avpriv_bprint_to_extradata
avpriv_codec2_mode_bit_rate
avpriv_codec2_mode_block_align
avpriv_codec2_mode_frame_size
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_copy_bits
avpriv_dca_convert_bitstream
avpriv_dca_parse_core_frame_header
avpriv_dca_sample_rates
avpriv_dnxhd_get_frame_size
avpriv_dnxhd_get_hr_frame_size
avpriv_dnxhd_get_interlaced
avpriv_do_elbg
avpriv_exif_decode_ifd
avpriv_find_pix_fmt
avpriv_find_start_code
avpriv_fits_header_init
avpriv_fits_header_parse_line
avpriv_get_raw_pix_fmt_tags
avpriv_h264_has_num_reorder_frames
avpriv_init_elbg
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_pix_fmt_bps_avi
avpriv_pix_fmt_bps_mov
avpriv_put_string
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avpriv_toupper4
avsubtitle_free

Sections

.text
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 9.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91ab340b1fc318114634f9af3986b820

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

0e:c7:89:17:b2:30:2a:52:2b:d5:c9:eb:12:4a:6c:c7Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

01:35:d4:a4:de:d0:85:ce:eb:9c:f8:15:90:48:21:4dCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

6c:7c:3b:d7:30:12:aa:c1:7f:a4:6a:46:b6:be:2f:1c:0a:8d:68:c4:db:49:9d:a3:7f:54:ff:8f:6f:30:e1:eeSigner

86:98:cb:84:5c:7d:ed:48:ac:15:04:53:c3:dc:fb:6c:99:5e:29:64Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

avutil

swresample

kernel32

ole32

msvcr120

msvcp120

Exports

Exports

Sections

.text Size: 12.1MB - Virtual size: 12.1MB

.rodata Size: 45KB - Virtual size: 44KB

.rdata Size: 4.5MB - Virtual size: 4.5MB

.data Size: 108KB - Virtual size: 9.1MB

_RDATA Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 307KB - Virtual size: 306KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

0e:c7:89:17:b2:30:2a:52:2b:d5:c9:eb:12:4a:6c:c7
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

01:35:d4:a4:de:d0:85:ce:eb:9c:f8:15:90:48:21:4d
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

6c:7c:3b:d7:30:12:aa:c1:7f:a4:6a:46:b6:be:2f:1c:0a:8d:68:c4:db:49:9d:a3:7f:54:ff:8f:6f:30:e1:ee
Signer

86:98:cb:84:5c:7d:ed:48:ac:15:04:53:c3:dc:fb:6c:99:5e:29:64
Signer

.text
Size: 12.1MB - Virtual size: 12.1MB

.rodata
Size: 45KB - Virtual size: 44KB

.rdata
Size: 4.5MB - Virtual size: 4.5MB

.data
Size: 108KB - Virtual size: 9.1MB

_RDATA
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 307KB - Virtual size: 306KB