E:\code\ttplayer\bin\TTPlayer.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 878893a65ac302911a9cd3cb79e923e8dc5a6ed057b8917267e13b8554779c01.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 878893a65ac302911a9cd3cb79e923e8dc5a6ed057b8917267e13b8554779c01.exe
Resource: win10v2004-20240802-en
General
Target: 878893a65ac302911a9cd3cb79e923e8dc5a6ed057b8917267e13b8554779c01
Size: 2.6MB
MD5: c658aec817e910238d687ba117cccc02
SHA1: c9f9822bec19254be0048d9f2afb0d855cdc0400
SHA256: 878893a65ac302911a9cd3cb79e923e8dc5a6ed057b8917267e13b8554779c01
SHA512: 808179856d24a0d342c5d3ce491b58aea9054eb18a1e84291638f3742ff46471ffc07a14a3f5530832974d27d6d04ec6d6da2e0e1088063c0760d3d4156196de
SSDEEP: 49152:R9v3xPIHglCSB3xzEoqVrcoJC7ZBRyQWAUKzR3Iguz8AW:RRRIMB3xzEoqVd0HzR3Iguz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 878893a65ac302911a9cd3cb79e923e8dc5a6ed057b8917267e13b8554779c01
Files
878893a65ac302911a9cd3cb79e923e8dc5a6ed057b8917267e13b8554779c01.exe windows:6 windows x86 arch:x86
bab34249bf73902128f2f282bcd9ead1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
ImageList_Remove
InitCommonControlsEx
FlatSB_SetScrollProp
PropertySheetW
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_GetIconSize
ImageList_EndDrag
ImageList_DragLeave
ord8
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragMove
ImageList_BeginDrag
DestroyPropertySheetPage
_TrackMouseEvent
ImageList_GetIcon
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_ReplaceIcon
ImageList_LoadImageW
winmm
timeGetTime
waveOutGetPosition
waveOutPrepareHeader
waveOutOpen
waveOutPause
waveOutGetVolume
waveOutReset
waveOutRestart
waveOutClose
waveOutUnprepareHeader
waveOutSetVolume
waveOutWrite
timeEndPeriod
timeKillEvent
timeSetEvent
timeBeginPeriod
timeGetDevCaps
waveOutGetNumDevs
waveOutGetDevCapsW
wininet
InternetCrackUrlW
InternetSetCookieExW
InternetGetCookieW
InternetReadFile
InternetOpenW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetSetOptionW
InternetReadFileExA
HttpQueryInfoW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
InternetConnectA
HttpSendRequestA
HttpOpenRequestA
kernel32
FreeLibrary
TlsGetValue
IsBadReadPtr
CreateFileMappingW
MapViewOfFile
VirtualQueryEx
SetUnhandledExceptionFilter
VirtualProtect
GetLocalTime
WaitForMultipleObjects
GetOverlappedResult
ReadDirectoryChangesW
ReadFile
FindFirstFileW
GetFullPathNameW
FindNextFileW
lstrcpynW
FindClose
FileTimeToSystemTime
GetLogicalDriveStringsA
lstrcpyW
GetSystemTime
CopyFileExW
lstrcmpiW
IsBadWritePtr
SetEnvironmentVariableW
GetEnvironmentVariableW
lstrcatW
GetCPInfoExW
EnumSystemCodePagesW
GetACP
EnumResourceLanguagesW
CreateThread
MoveFileW
GetLogicalDrives
GetDiskFreeSpaceExW
DeleteFileA
LoadLibraryExW
SetThreadPriority
CopyFileW
SetCurrentDirectoryW
DosDateTimeToFileTime
GetTempFileNameW
CompareFileTime
GetThreadSelectorEntry
ReadProcessMemory
GetCurrentThread
GetCommandLineA
TlsAlloc
LocalFree
TlsFree
SetDllDirectoryW
GetThreadLocale
FormatMessageW
K32GetProcessMemoryInfo
FileTimeToLocalFileTime
LCMapStringW
SystemTimeToFileTime
WideCharToMultiByte
GetThreadPriority
CreateSemaphoreW
DuplicateHandle
ReleaseSemaphore
GetTickCount
GlobalUnlock
lstrcmpW
MulDiv
ResumeThread
FreeResource
WriteConsoleW
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
ExitProcess
IsValidCodePage
FindFirstFileExW
MoveFileExW
GetFileSizeEx
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
RtlUnwind
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
LoadLibraryExA
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
SetPriorityClass
GetVersionExA
MoveFileA
FindNextFileA
FindFirstFileA
GetModuleHandleA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetDiskFreeSpaceA
CreateDirectoryA
LocalFileTimeToFileTime
SetConsoleCtrlHandler
SetFileTime
GetFileType
GetStdHandle
IsDBCSLeadByte
GetCPInfo
LocalAlloc
DeviceIoControl
SearchPathW
GetVolumeInformationW
GetFileAttributesA
GetVersion
GetFileTime
SetEndOfFile
CreateFileMappingA
CreateFileA
FlushFileBuffers
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualQuery
GlobalFree
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
CreateDirectoryW
CreateProcessW
GetOEMCP
lstrlenW
GetLogicalDriveStringsW
GetWindowsDirectoryW
GetDriveTypeW
SetErrorMode
GetCurrentProcessId
TlsSetValue
SuspendThread
GetModuleFileNameA
WriteFile
SetFilePointer
CreateFileW
UnmapViewOfFile
GetModuleHandleW
DeleteCriticalSection
GlobalLock
GetProcAddress
DecodePointer
FindResourceW
LoadResource
ResetEvent
LoadLibraryW
GetSystemInfo
RaiseException
CloseHandle
DeleteFileW
GlobalAlloc
LockResource
TerminateThread
SetEvent
OutputDebugStringW
GetLastError
Sleep
MultiByteToWideChar
CreateEventW
SetFileAttributesW
GetVersionExW
GetCurrentThreadId
GetFileAttributesW
WaitForSingleObject
InitializeCriticalSectionEx
GetTempPathW
InitializeCriticalSection
GetFileSize
LeaveCriticalSection
GetModuleFileNameW
VirtualAlloc
GetCurrentProcess
VirtualFree
EnterCriticalSection
SetLastError
SizeofResource
FlushInstructionCache
user32
OemToCharBuffW
GetSystemMenu
CharLowerW
OpenIcon
CheckMenuRadioItem
FindWindowExW
CallNextHookEx
WindowFromPoint
IsMenu
ExitWindowsEx
WindowFromDC
FrameRect
UnhookWindowsHookEx
EnumWindows
SetWindowsHookExW
GetMenuItemRect
GetMenuItemInfoW
SetActiveWindow
OpenClipboard
IsDialogMessageW
CloseClipboard
EmptyClipboard
BringWindowToTop
TranslateAcceleratorW
SetParent
SetClipboardData
DrawFrameControl
ModifyMenuW
DestroyCursor
DrawTextA
IsRectEmpty
CharNextW
SetFocus
LoadBitmapW
CreateAcceleratorTableW
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
DrawStateW
MapWindowPoints
IsChild
GetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
EqualRect
GetWindowDC
EndDialog
MessageBeep
CreatePopupMenu
MsgWaitForMultipleObjectsEx
SendDlgItemMessageW
DialogBoxIndirectParamW
AppendMenuW
FindWindowW
GetKeyState
ShowScrollBar
InvertRect
UnionRect
LoadStringW
GetActiveWindow
SetMenuDefaultItem
LockWindowUpdate
IntersectRect
TrackPopupMenuEx
EnableMenuItem
DialogBoxParamW
UpdateWindow
LoadMenuW
GetMenuStringW
wvsprintfW
InsertMenuItemW
PostThreadMessageW
GetWindowTextW
EndPaint
BeginPaint
ReleaseDC
PeekMessageW
DestroyAcceleratorTable
ClientToScreen
GetDlgCtrlID
GetMonitorInfoW
DestroyIcon
RedrawWindow
SetTimer
InvalidateRect
LoadImageW
ReleaseCapture
PtInRect
RegisterWindowMessageW
GetParent
DispatchMessageW
GetCapture
OffsetRect
InvalidateRgn
IsWindow
MonitorFromPoint
GetMenuItemID
GetMenuItemCount
GetIconInfo
DeleteMenu
TrackPopupMenu
GetSubMenu
SetMenuItemInfoW
DestroyMenu
InsertMenuW
CheckMenuItem
DrawIconEx
SetForegroundWindow
IsIconic
SetCursorPos
SetDlgItemTextW
wsprintfW
GetWindowThreadProcessId
RegisterClipboardFormatW
DeferWindowPos
GetMessagePos
BeginDeferWindowPos
TrackMouseEvent
CharToOemBuffA
OemToCharBuffA
CharLowerA
CharUpperA
CharToOemA
OemToCharA
IsWindowUnicode
GetClassInfoExW
SystemParametersInfoW
DrawEdge
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
SetRect
DrawTextW
GetClassLongW
TranslateMessage
GetClientRect
SetWindowLongW
SetRectEmpty
SetCursor
SetCapture
GetClassNameW
LoadCursorW
GetKeyNameTextW
CheckRadioButton
MapVirtualKeyW
MessageBoxA
CharNextA
GetQueueStatus
GetDlgItem
SetClassLongW
ShowWindow
RegisterClassExW
MsgWaitForMultipleObjects
SetWindowTextW
UnregisterClassW
SendMessageW
ScreenToClient
CreateWindowExW
FillRect
SetWindowRgn
MonitorFromWindow
MessageBoxW
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetWindowRect
DispatchMessageA
GetWindow
PostMessageW
CallWindowProcW
GetMessageA
AdjustWindowRectEx
DefWindowProcW
CreateDialogParamW
GetMessageW
GetWindowTextLengthW
GetWindowLongW
GetUpdateRect
CopyRect
RegisterHotKey
GetSystemMetrics
UnregisterHotKey
EnableWindow
GetWindowRgn
GetCursorPos
EndDeferWindowPos
GetForegroundWindow
LoadIconW
gdi32
PatBlt
GetWindowOrgEx
SetBrushOrgEx
OffsetRgn
GetRegionData
ExcludeClipRect
CombineRgn
GetPixel
LineTo
MoveToEx
CreatePen
Polygon
SetPixel
GetTextMetricsW
GetTextExtentPoint32W
CreateBrushIndirect
GetCurrentObject
RealizePalette
StretchDIBits
GetDIBits
ExtCreateRegion
CreateRectRgn
SelectPalette
SetDIBitsToDevice
SetViewportOrgEx
SelectClipRgn
PtInRegion
SetDIBColorTable
BitBlt
CreateCompatibleBitmap
SaveDC
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchBlt
FrameRgn
SetWindowOrgEx
GetStockObject
GetClipBox
CreateRectRgnIndirect
CreateRoundRectRgn
GetDeviceCaps
CreatePatternBrush
DeleteDC
SetTextColor
SetBkMode
OffsetWindowOrgEx
GetObjectW
SetBkColor
SetStretchBltMode
RestoreDC
LPtoDP
DeleteObject
CreateSolidBrush
CreateBitmap
CreateFontIndirectW
ExtTextOutW
DPtoLP
IntersectClipRect
comdlg32
ChooseColorW
ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
advapi32
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
GetSecurityDescriptorSacl
RegOpenKeyExA
RegQueryValueExA
SetFileSecurityW
SetFileSecurityA
RegQueryValueExW
RegOpenKeyExW
shell32
ord23
ord196
ord16
ord98
ord195
ShellExecuteExW
SHAddToRecentDocs
ord190
ord25
SHGetFileInfoW
Shell_NotifyIconW
SHChangeNotify
DragQueryFileW
SHGetPathFromIDListW
SHFileOperationW
ord18
ShellExecuteW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBindToParent
SHBrowseForFolderW
ord155
ord152
SHGetSpecialFolderPathW
SHGetFolderPathW
ExtractIconExW
ole32
CoGetClassObject
OleUninitialize
CoTaskMemAlloc
CoCreateGuid
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize
CLSIDFromString
OleLockRunning
ReleaseStgMedium
OleDuplicateData
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleSetContainedObject
ProgIDFromCLSID
StringFromCLSID
OleCreate
OleDraw
OleSetClipboard
OleGetClipboard
CoTaskMemRealloc
oleaut32
VariantChangeType
GetErrorInfo
SysStringByteLen
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
VarUI4FromStr
VarR8FromStr
VarDecFromStr
VarI4FromStr
VarDecCmp
VarDateFromStr
SafeArrayDestroy
VariantClear
SysAllocStringLen
SysStringLen
DispCallFunc
SysAllocString
OleCreateFontIndirect
SysFreeString
LoadTypeLi
VariantInit
LoadRegTypeLi
OleLoadPicture
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayUnaccessData
wspcomm
ord2
ord202
ord204
ord205
ord206
ord93
ord400
ord4
ord92
ord91
ord52
ord10
ord13
ord14
ord12
ord20
ord16
ord11
ord90
ord19
ord17
ord18
ord51
ord74
ord61
ord64
ord57
ord70
ord69
ord53
ord72
ord55
ord59
ord62
ord54
ord71
ord68
ord56
ord60
ord79
ord75
ord65
ord76
ord73
ord78
ord50
ord67
ord66
ord58
ord106
ord82
ord81
ord80
ord101
ord105
ord103
ord100
ord102
ord104
ord201
ord3
ord1
ord200
ord302
ord15
shlwapi
StrCpyW
PathAppendW
PathFindFileNameW
PathFileExistsW
PathIsDirectoryW
wnsprintfW
gdiplus
GdipGetImagePaletteSize
GdiplusShutdown
GdipBitmapUnlockBits
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipGetImageHeight
GdiplusStartup
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipCreateFromHDC
GdipCreateImageAttributes
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetPixelOffsetMode
GdipCreateBitmapFromStreamICM
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromStream
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDisposeImageAttributes
GdipSetPixelOffsetMode
imagehlp
StackWalk
SymGetSymFromAddr
SymGetLineFromAddr
SymLoadModule
SymFunctionTableAccess
SymGetModuleBase
SymInitialize
SymSetOptions
SymGetModuleInfo
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
msvfw32
DrawDibClose
DrawDibOpen
DrawDibDraw
ws2_32
gethostname
WSACleanup
WSAStartup
inet_ntoa
gethostbyname
iphlpapi
GetNetworkParams
msacm32
acmStreamOpen
acmStreamReset
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmStreamConvert
acmStreamSize
acmStreamClose
Exports
CreateSoundBuffer
CreateStdContent
CreateStreamOnFile
CreateStreamOnInet
GetSoundCodecName
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 330KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ