a65d275c5161969ebf7c24856daf96bb219dae2d8a57b3547f837cf97cf78ee9N

Sharing

Copy URL Twitter E-mail

General

Target

a65d275c5161969ebf7c24856daf96bb219dae2d8a57b3547f837cf97cf78ee9N
Size

4.3MB
MD5

b83fff1905c19a6f4b13f2e234f9dab0
SHA1

a947be33bd80b34b743861b5391c50ca7f94e824
SHA256

a65d275c5161969ebf7c24856daf96bb219dae2d8a57b3547f837cf97cf78ee9
SHA512

6b20037a171b6e7aabd85fd00593bc9ccf02df65b7321907902e3ec75d333175b06cd8d4991b6ea55d0112f289fca0187bd4319dddaae44a3bf22ed3d4d2ce17
SSDEEP

98304:4wG9GQdv5xkLW4fMQ+UQPS/hSMjQ9I+xldkzTcdKWYI:jG9GQdv5xkLWsYPjMU9IPTFBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a65d275c5161969ebf7c24856daf96bb219dae2d8a57b3547f837cf97cf78ee9N

Files

a65d275c5161969ebf7c24856daf96bb219dae2d8a57b3547f837cf97cf78ee9N
.dll windows:4 windows x86 arch:x86

7e9aeac3a8c17476daa1fdc2bc0e92f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

block_Alloc
var_Inherit
vlc_Log
vlc_UrlClean
vlc_UrlParse
vlc_getaddrinfo
vlc_interrupt_register
vlc_interrupt_unregister
vlc_killed
vlc_mutex_destroy
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_obj_calloc

advapi32

CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptReleaseContext
CryptSetHashParam
CryptSetProvParam
CryptSignHashA

crypt32

CertCloseStore
CertDeleteCertificateFromStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
PFXImportCertStore

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileInformationByHandle
GetFileType
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__doserrno
__mb_cur_max
__pioinfo
__setusermatherr
_amsg_exit
_beginthreadex
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_fstat64
_ftime
_get_osfhandle
_getmaxstdio
_initterm
_iob
_lock
_lseeki64
_mkdir
_onexit
_open_osfhandle
_setjmp3
_setmaxstdio
_snwprintf
localtime
_stricmp
_strnicmp
_ultoa
_unlock
calloc
exit
fclose
ferror
fflush
fgetpos
fgets
fgetwc
fopen
fprintf
fputc
fputs
fread
free
fsetpos
fwprintf
fwrite
getc
getenv
getwc
gmtime
islower
isspace
isupper
iswctype
isxdigit
localeconv
localtime
log10
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
putwc
qsort
raise
realloc
setlocale
setvbuf
sprintf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strrchr
strstr
strtok
strtol
strtoul
strxfrm
_vsnprintf
_vsnwprintf
_write
abort
time
tolower
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcscpy
wcsftime
wcslen
wcstombs
wcsxfrm
atoi
longjmp
_write
_strdup
_setmode
_read
_open
_fileno
_fdopen
_dup2
_close

user32

MessageBoxW

ws2_32

WSARecvFrom
WSASendTo
WSASetLastError
freeaddrinfo
getaddrinfo
getnameinfo
recv
send

wsock32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
bind
closesocket
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
ntohl
ntohs
select
setsockopt
socket

Exports

Exports

vlc_entry__3_0_0f
vlc_entry_copyright__3_0_0f
vlc_entry_license__3_0_0f

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 702KB - Virtual size: 702KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e9aeac3a8c17476daa1fdc2bc0e92f9

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

advapi32

crypt32

kernel32

msvcrt

user32

ws2_32

wsock32

Exports

Exports

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 702KB - Virtual size: 702KB

.bss Size: - Virtual size: 21KB

.edata Size: 512B - Virtual size: 167B

.idata Size: 7KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 128KB - Virtual size: 128KB

/4 Size: 512B - Virtual size: 36B

.text
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 702KB - Virtual size: 702KB

.bss
Size: - Virtual size: 21KB

.edata
Size: 512B - Virtual size: 167B

.idata
Size: 7KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 128KB - Virtual size: 128KB

/4
Size: 512B - Virtual size: 36B