847512dc7dc531d776fb312a64f16f1fe653bfd35c6822ce051fdfb20f3b9be4N

Sharing

Copy URL Twitter E-mail

General

Target

847512dc7dc531d776fb312a64f16f1fe653bfd35c6822ce051fdfb20f3b9be4N
Size

1.1MB
MD5

39b36a2cc7e818fd7ce2560c569b8050
SHA1

ab27148a7d6d06c872c7b53c978f4120c38926b0
SHA256

847512dc7dc531d776fb312a64f16f1fe653bfd35c6822ce051fdfb20f3b9be4
SHA512

2a588b3e4d9db28461614cb6465eb4bfd3eb737aa77ad21b19f4ab247deed6c9506e89c8c0bd21aa7af1f7580e884cfc3ddeed260f6e6ba8769eef7a3716dc4d
SSDEEP

24576:jMgYVmycxZlUH17enX2mGUdTl00vjRkXCuu5KXnCaFuwcw63:jFY8TGVqGmGYSMkSuucXbFuxj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
847512dc7dc531d776fb312a64f16f1fe653bfd35c6822ce051fdfb20f3b9be4N

Files

847512dc7dc531d776fb312a64f16f1fe653bfd35c6822ce051fdfb20f3b9be4N
.dll regsvr32 windows:5 windows x86 arch:x86

1121d61894e63de8ce2662b48e4f867f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\Git\aplayer\trunk\APlayerIII\Symbols\Release\lavfilters-2\lavvideo.pdb

Imports

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

user32

DestroyMenu
wsprintfW
wvsprintfW
GetShellWindow
SetRect
UnregisterClassW
SendDlgItemMessageW
ShowWindow
GetDlgItem
EnableWindow
SendMessageW
PostMessageW
TrackPopupMenu
GetCursorPos
EnumWindows
GetClassNameW
GetWindowThreadProcessId
DispatchMessageW
DestroyWindow
CreateDialogParamW
GetWindowRect
GetDesktopWindow
LoadStringW
DefWindowProcW
MoveWindow
InvalidateRect
GetWindowLongW
SetWindowLongW
CreateWindowExW
SetWindowPos
GetMessageW
TranslateMessage
DestroyIcon
RegisterClassExW
LoadImageW
GetWindow
SetForegroundWindow
PostQuitMessage
EnumThreadWindows

oleaut32

SysAllocString
SysAllocStringLen
VariantClear
SysFreeString
OleCreatePropertyFrame

shlwapi

PathFindExtensionW
PathFindFileNameW

comctl32

InitCommonControlsEx

d3d9

Direct3DCreate9

avutil-56

av_get_pix_fmt_name
av_opt_set
av_buffer_unref
av_free
av_malloc
av_opt_set_int
av_pix_fmt_desc_get
av_get_cpu_flags
av_frame_ref
av_frame_get_side_data
av_get_picture_type_char
av_reduce
av_frame_unref
av_fast_realloc
av_buffer_create
av_frame_free
av_freep
av_mallocz
av_frame_alloc
av_cpu_count
av_log_set_callback
av_log_format_line
av_realloc
av_int_list_length_for_size
av_opt_set_bin
av_strdup
av_buffer_ref
av_rescale
av_frame_move_ref

avcodec-58

avcodec_register_all
avcodec_get_name
avcodec_find_decoder
avcodec_alloc_context3
av_copy_packet_side_data
ff_crop_tab
avsubtitle_free
avcodec_decode_subtitle2
av_init_packet
ff_vc1_pixel_aspect
avpriv_find_start_code
av_parser_init
avcodec_is_open
avcodec_receive_frame
avcodec_send_packet
av_packet_new_side_data
av_parser_parse2
av_packet_free
av_packet_alloc
av_new_packet
avcodec_close
av_parser_close
avcodec_open2
avcodec_flush_buffers

swscale-5

sws_getCoefficients
sws_scale
sws_getCachedContext
sws_freeContext
sws_getColorspaceDetails
sws_setColorspaceDetails

avfilter-7

avfilter_graph_alloc
avfilter_inout_alloc
avfilter_get_by_name
avfilter_graph_free
avfilter_graph_create_filter
avfilter_free
avfilter_graph_parse_ptr
avfilter_graph_config
av_buffersrc_write_frame
av_buffersink_get_frame
avfilter_register_all

kernel32

LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapSize
HeapReAlloc
VirtualProtect
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
GetProcessHeap
UnregisterWaitEx
InitializeSListHead
CreateTimerQueue
UnregisterWait
RegisterWaitForSingleObject
FlushFileBuffers
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitThread
QueryPerformanceCounter
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
LoadLibraryExW
HeapAlloc
HeapFree
EncodePointer
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStringTypeW
SetFilePointerEx
SetStdHandle
WriteConsoleW
CreateFileW
ReadFile
SetThreadAffinityMask
SetThreadPriority
IsDebuggerPresent
SetLastError
WideCharToMultiByte
GetModuleHandleW
GetTickCount
lstrcpyW
FreeLibrary
LoadLibraryW
GetProcAddress
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
Sleep
GetLastError
lstrlenW
VirtualQuery
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
InterlockedExchange
LocalAlloc
VirtualAlloc
VirtualFree
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
ReleaseSemaphore
DuplicateHandle
lstrcmpW
CreateEventW
CreateSemaphoreW
OutputDebugStringW
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
GetVersionExW
CreateThread
GetCurrentThread
ReadConsoleW
GetThreadPriority

advapi32

RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyW

winmm

timeGetTime

shell32

Shell_NotifyIconW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OpenConfiguration
SetOnlyDts

Sections

.text
Size: 819KB - Virtual size: 818KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1121d61894e63de8ce2662b48e4f867f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

user32

oleaut32

shlwapi

comctl32

d3d9

avutil-56

avcodec-58

swscale-5

avfilter-7

kernel32

advapi32

winmm

shell32

Exports

Exports

Sections

.text Size: 819KB - Virtual size: 818KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 21KB - Virtual size: 33KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 29KB - Virtual size: 29KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 819KB - Virtual size: 818KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 21KB - Virtual size: 33KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 29KB - Virtual size: 29KB

.text
Size: 108KB - Virtual size: 108KB