57a45dc81d7372ce8bc63f13d85abd58746325b5032b2e1c3a825ce46bc323eaN

Sharing

Copy URL Twitter E-mail

General

Target

57a45dc81d7372ce8bc63f13d85abd58746325b5032b2e1c3a825ce46bc323eaN
Size

1015KB
MD5

7aa46a7e44873f2d94562c794a890fc0
SHA1

52fea12f7ba52a0134abf6b72a79068bf5ccc823
SHA256

57a45dc81d7372ce8bc63f13d85abd58746325b5032b2e1c3a825ce46bc323ea
SHA512

ac0bab69485abc1ab7a37d5b44872279414fa01d28846d22b286803273f77f9e1d12da911f723ca9802f2bc32e94c41f2dc9402554d55a3c2d05113278aebe06
SSDEEP

24576:3FD8h3sPXSsqjnhMgeiCl7G0nehbGZpbD:3FD8hcuDmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57a45dc81d7372ce8bc63f13d85abd58746325b5032b2e1c3a825ce46bc323eaN

Files

57a45dc81d7372ce8bc63f13d85abd58746325b5032b2e1c3a825ce46bc323eaN
.exe windows:6 windows x64 arch:x64

0d1f50d036fedb1eb303366179306472

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\CI\workspace\ve\VE_Thirdparty_FFmpeg_Windows@2\ci_workspace\ffmpeg\fftools\ffmpeg.pdb

Imports

user32

MessageBoxA

kernel32

GetModuleHandleW
GetStartupInfoW
GetStdHandle
CloseHandle
PeekNamedPipe
CreateEventA
Sleep
WaitForMultipleObjects
GetProcessTimes
GetCurrentProcess
GetCurrentProcessId
CreateThread
GetConsoleMode
SetConsoleCtrlHandler
K32GetProcessMemoryInfo
GetCommandLineW
GetFullPathNameW
GetModuleFileNameW
LocalFree
SetDllDirectoryA
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
WakeAllConditionVariable
RtlCaptureContext
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry

avformat-61

avio_read
avio_size
avio_close
avio_check
avio_find_protocol_name
avformat_match_stream_specifier
avformat_get_class
avio_read_to_bprint
avio_open
avformat_network_deinit
avformat_network_init
avio_closep
avio_flush
avio_write
avio_printf
avio_w8
av_stream_get_codec_timebase
avio_enum_protocols
avformat_transfer_internal_stream_timing_info
avformat_query_codec
av_filename_number_test
av_codec_get_tag2
av_codec_get_id
av_guess_codec
av_program_add_stream_index
avformat_alloc_output_context2
av_new_program
avformat_stream_group_add_stream
avformat_new_stream
avformat_stream_group_create
avio_r8
av_guess_frame_rate
av_pkt_dump_log2
avformat_close_input
avformat_seek_file
av_read_frame
avformat_find_stream_info
avformat_open_input
avformat_alloc_context
av_stream_get_parser
av_sdp_create
av_dump_format
av_write_trailer
av_interleaved_write_frame
avformat_write_header
avformat_free_context
avio_print_string_array
avio_seek
av_guess_format
av_find_input_format
av_demuxer_iterate
av_muxer_iterate
av_disposition_to_string
avio_protocol_get_class
avio_open2

avutil-59

av_samples_copy
av_sample_fmt_is_planar
av_fifo_drain2
av_fifo_peek
av_cpu_max_align
av_expr_eval
av_frame_side_data_clone
av_frame_side_data_free
av_get_picture_type_char
av_get_bytes_per_sample
av_find_best_pix_fmt_of_2
av_parse_ratio
av_opt_set_dict
av_iamf_submix_add_layout
av_iamf_submix_add_element
av_iamf_mix_presentation_add_submix
av_iamf_audio_element_add_layer
av_iamf_param_definition_alloc
av_bprint_clear
av_expr_parse
av_channel_layout_from_string
av_add_q
av_realloc_f
av_get_sample_fmt
av_get_pix_fmt
av_parse_video_rate
av_parse_video_size
av_display_matrix_flip
av_display_rotation_set
av_dict_set_int
av_expr_free
av_hwframe_transfer_data
av_rescale_delta
av_rescale
av_gcd
av_mul_q
av_memdup
av_thread_message_queue_set_err_recv
av_thread_message_queue_recv
av_thread_message_queue_send
av_strndup
av_log
av_thread_message_queue_free
av_thread_message_queue_alloc
av_gettime
av_fifo_grow2
av_fifo_can_write
av_fifo_can_read
av_frame_copy_props
av_compare_ts
av_opt_get_key_value
av_log_get_level
av_log_set_level
av_log_set_flags
av_bprint_init
av_bprintf
av_bprint_finalize
av_dict_get
av_dict_iterate
av_dict_set
av_buffer_create
av_buffer_unref
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_get_bits_per_pixel
av_get_known_color_name
av_cpu_force_count
av_parse_cpu_caps
av_force_cpu_flags
av_get_cpu_flags
av_match_name
av_channel_layout_index_from_channel
av_channel_layout_describe
av_channel_layout_standard
av_channel_description
av_channel_name
av_log_get_flags
av_log_format_line
av_log_default_callback
av_log_set_callback
av_max_alloc
av_get_sample_fmt_string
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_create
av_hwdevice_find_type_by_name
av_dict_parse_string
av_opt_set_dict2
av_reallocp_array
av_ts_make_time_string2
av_get_pix_fmt_name
av_color_space_name
av_color_range_name
av_pix_fmt_desc_get
av_opt_eval_int
av_opt_set_bin
av_opt_set_int
av_opt_set
av_bprint_chars
av_fifo_freep2
av_fifo_read
av_fifo_write
av_fifo_alloc2
av_frame_get_side_data
av_frame_get_buffer
av_frame_move_ref
av_frame_unref
av_frame_ref
av_frame_free
av_frame_alloc
av_dict_get_string
av_dict_count
av_channel_layout_compare
av_channel_layout_check
av_channel_layout_describe_bprint
av_channel_layout_copy
av_channel_layout_uninit
av_channel_layout_default
av_buffer_replace
av_buffer_ref
av_rescale_q_rnd
av_find_nearest_q_idx
av_reduce
av_log2
av_malloc
av_get_media_type_string
av_get_sample_fmt_name
av_opt_eval_flags
av_strcasecmp
av_strtok
av_get_token
av_asprintf
av_hwdevice_iterate_types
av_hwdevice_get_type_name
av_dict_copy
av_rescale_q
av_default_item_name
av_opt_show2
av_opt_find
av_opt_child_class_iterate
av_strtod
av_parse_time
av_display_rotation_get
av_strlcatf
av_strlcat
av_strlcpy
av_strstart
av_dict_free
av_dynarray_add_nofree
av_strdup
av_realloc_array
av_calloc
av_malloc_array
av_usleep
av_gettime_relative
av_freep
av_free
av_mallocz
av_strerror
av_buffer_is_writable

avcodec-61

av_packet_alloc
avcodec_alloc_context3
av_bsf_iterate
av_packet_copy_props
av_packet_move_ref
avcodec_free_context
avcodec_parameters_to_context
avcodec_open2
avcodec_find_decoder_by_name
av_bsf_get_by_name
avcodec_descriptor_next
avcodec_get_hw_config
av_codec_is_decoder
avsubtitle_free
av_codec_is_encoder
av_packet_ref
avcodec_get_class
avcodec_find_encoder_by_name
avcodec_send_packet
avcodec_find_encoder
avcodec_find_decoder
avcodec_descriptor_get
avcodec_parameters_copy
avcodec_parameters_free
avcodec_receive_frame
avcodec_flush_buffers
av_packet_rescale_ts
avcodec_descriptor_get_by_name
av_get_audio_frame_duration2
av_codec_iterate
avcodec_parameters_alloc
avcodec_receive_packet
avcodec_encode_subtitle
av_packet_unref
avcodec_decode_subtitle2
av_packet_free
av_bsf_init
av_bsf_send_packet
av_bsf_receive_packet
av_bsf_free
avcodec_get_name
av_packet_side_data_new
av_bsf_flush
av_bsf_list_parse_str
av_get_exact_bits_per_sample
avcodec_parameters_from_context
av_new_packet
av_shrink_packet
av_packet_get_side_data
av_bsf_get_class
avcodec_send_frame

avfilter-10

av_buffersink_get_format
avfilter_pad_get_name
avfilter_pad_get_type
av_filter_iterate
av_buffersrc_close
av_buffersrc_add_frame_flags
av_buffersrc_add_frame
av_buffersrc_parameters_set
av_buffersrc_parameters_alloc
av_buffersrc_get_nb_failed_requests
av_buffersink_get_sample_rate
av_buffersink_get_ch_layout
av_buffersink_get_sample_aspect_ratio
av_buffersink_get_h
av_buffersink_get_w
av_buffersink_get_frame_rate
avfilter_get_class
av_buffersink_get_time_base
av_buffersink_get_frame_flags
avfilter_graph_request_oldest
avfilter_graph_queue_command
avfilter_graph_send_command
avfilter_graph_segment_free
avfilter_graph_segment_apply
avfilter_graph_segment_create_filters
avfilter_graph_segment_parse
avfilter_inout_free
avfilter_graph_free
avfilter_graph_config
avfilter_graph_set_auto_convert
avfilter_filter_pad_count
avfilter_graph_create_filter
avfilter_graph_alloc_filter
avfilter_graph_alloc
avfilter_init_str
avfilter_get_by_name
avfilter_link

swresample-5

swr_get_class

avdevice-61

avdevice_free_list_devices
av_input_audio_device_next
av_input_video_device_next
avdevice_list_output_sinks
avdevice_list_input_sources
avdevice_register_all
av_output_video_device_next
av_output_audio_device_next

swscale-8

sws_get_class
sws_isSupportedInput
sws_isSupportedOutput

libvecrptor

destroyIODecryptor
clearFormatContext
createIODeCrptorContext
destoryIOCryptor
writeBdveTag
createIOEnCrptorContext

shell32

CommandLineToArgvW

vcruntime140

memcmp
memmove
strstr
memcpy
__C_specific_handler
__std_type_info_destroy_list
__current_exception
__current_exception_context
strchr
memset
strrchr

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_exit
__p___argc
__p___argv
_get_initial_narrow_environment
_cexit
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_configure_narrow_argv
strerror
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_set_app_type
_seh_filter_exe
abort
perror
_crt_at_quick_exit
terminate
signal
_c_exit
exit
_errno
_beginthreadex

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
_kbhit
__acrt_iob_func
_write
_read
fclose
fflush
setvbuf
__stdio_common_vfprintf
__stdio_common_vsprintf
_wfopen
fopen
__p__commode
fputc
fputs
getchar
fgets
_set_fmode

api-ms-win-crt-string-l1-1-0

strncat
strcmp
strcspn
strncmp
strtok
strspn

api-ms-win-crt-environment-l1-1-0

_wgetenv

api-ms-win-crt-math-l1-1-0

log10
round
floor
llrintf
lrintf
__setusermatherr
llrint

api-ms-win-crt-convert-l1-1-0

strtol
strtoll
atoi

api-ms-win-crt-time-l1-1-0

_localtime64
_gmtime64
strftime
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-conio-l1-1-0

_getch

Sections

.text
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d1f50d036fedb1eb303366179306472

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

avformat-61

avutil-59

avcodec-61

avfilter-10

swresample-5

avdevice-61

swscale-8

libvecrptor

shell32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-conio-l1-1-0

Sections

.text Size: 304KB - Virtual size: 303KB

.rdata Size: 103KB - Virtual size: 103KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 13KB - Virtual size: 12KB

.idata Size: 24KB - Virtual size: 23KB

.00cfg Size: 512B - Virtual size: 337B

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 304KB - Virtual size: 303KB

.rdata
Size: 103KB - Virtual size: 103KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 13KB - Virtual size: 12KB

.idata
Size: 24KB - Virtual size: 23KB

.00cfg
Size: 512B - Virtual size: 337B

.reloc
Size: 568KB - Virtual size: 572KB