c6047fdf531d76f0adc8222f1da05d80bb09f92edd2e3527d4710fee2a62299aN

Sharing

Copy URL Twitter E-mail

General

Target

c6047fdf531d76f0adc8222f1da05d80bb09f92edd2e3527d4710fee2a62299aN
Size

796KB
MD5

33d3596b335d70af0aac83f7b6d723d0
SHA1

d441159a84ccd3e713c953769255e217e4e4ce99
SHA256

c6047fdf531d76f0adc8222f1da05d80bb09f92edd2e3527d4710fee2a62299a
SHA512

9462c40a711f332f1bc05792956b81fc28665b94760b71be8292a162e566342228684422da1a81d9ed935fbb1e4ba916fbc0f6843760af3f41b047912d546d8f
SSDEEP

12288:1/zZgUpKn0Fi4Qkw+QBJqFjjZr/XQ7hptypUtrFF:9ZgUpK0KkmBJqFflyEpyrFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6047fdf531d76f0adc8222f1da05d80bb09f92edd2e3527d4710fee2a62299aN

Files

c6047fdf531d76f0adc8222f1da05d80bb09f92edd2e3527d4710fee2a62299aN
.dll windows:6 windows x64 arch:x64

186e9c58fa0535603dbfefb9ad7a2798

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Vsttech-VC2017\thirdparty\GitHub\ffmpeg-msvc-build\vcpkg\buildtrees\harfbuzz\x64-windows-rel\src\harfbuzz.pdb

Imports

freetype

FT_Get_Var_Blend_Coordinates
FT_Load_Sfnt_Table
FT_Done_FreeType
FT_Set_Var_Blend_Coordinates
FT_Done_MM_Var
FT_Get_MM_Var
FT_Get_Advance
FT_MulFix
FT_Face_GetCharVariantIndex
FT_Get_Name_Index
FT_Get_Char_Index
FT_Select_Charmap
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Set_Transform
FT_Load_Glyph
FT_Set_Char_Size
FT_Done_Face
FT_Reference_Face
FT_New_Memory_Face
FT_Init_FreeType

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
DeleteCriticalSection
LeaveCriticalSection
CreateFileW
GetFileSize
CloseHandle
InitializeCriticalSection
EnterCriticalSection

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__current_exception_context
__std_type_info_destroy_list
__C_specific_handler
strstr
memcmp
memcpy
memmove
memset
strchr
__std_terminate

api-ms-win-crt-heap-l1-1-0

free
realloc
calloc
malloc

api-ms-win-crt-math-l1-1-0

floorf
ceilf

api-ms-win-crt-convert-l1-1-0

strtol
mbstowcs
strtoul

api-ms-win-crt-stdio-l1-1-0

fread
fopen
ferror
feof
fclose
__stdio_common_vsprintf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
strcmp

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_errno
_execute_onexit_table
_seh_filter_dll
_configure_narrow_argv
_cexit
_initterm_e
terminate
_initterm

Exports

Exports

hb_aat_layout_feature_type_get_name_id
hb_aat_layout_feature_type_get_selector_infos
hb_aat_layout_get_feature_types
hb_aat_layout_has_positioning
hb_aat_layout_has_substitution
hb_aat_layout_has_tracking
hb_blob_copy_writable_or_fail
hb_blob_create
hb_blob_create_from_file
hb_blob_create_from_file_or_fail
hb_blob_create_or_fail
hb_blob_create_sub_blob
hb_blob_destroy
hb_blob_get_data
hb_blob_get_data_writable
hb_blob_get_empty
hb_blob_get_length
hb_blob_get_user_data
hb_blob_is_immutable
hb_blob_make_immutable
hb_blob_reference
hb_blob_set_user_data
hb_buffer_add
hb_buffer_add_codepoints
hb_buffer_add_latin1
hb_buffer_add_utf16
hb_buffer_add_utf32
hb_buffer_add_utf8
hb_buffer_allocation_successful
hb_buffer_append
hb_buffer_clear_contents
hb_buffer_create
hb_buffer_deserialize_glyphs
hb_buffer_deserialize_unicode
hb_buffer_destroy
hb_buffer_diff
hb_buffer_get_cluster_level
hb_buffer_get_content_type
hb_buffer_get_direction
hb_buffer_get_empty
hb_buffer_get_flags
hb_buffer_get_glyph_infos
hb_buffer_get_glyph_positions
hb_buffer_get_invisible_glyph
hb_buffer_get_language
hb_buffer_get_length
hb_buffer_get_replacement_codepoint
hb_buffer_get_script
hb_buffer_get_segment_properties
hb_buffer_get_unicode_funcs
hb_buffer_get_user_data
hb_buffer_guess_segment_properties
hb_buffer_has_positions
hb_buffer_normalize_glyphs
hb_buffer_pre_allocate
hb_buffer_reference
hb_buffer_reset
hb_buffer_reverse
hb_buffer_reverse_clusters
hb_buffer_reverse_range
hb_buffer_serialize
hb_buffer_serialize_format_from_string
hb_buffer_serialize_format_to_string
hb_buffer_serialize_glyphs
hb_buffer_serialize_list_formats
hb_buffer_serialize_unicode
hb_buffer_set_cluster_level
hb_buffer_set_content_type
hb_buffer_set_direction
hb_buffer_set_flags
hb_buffer_set_invisible_glyph
hb_buffer_set_language
hb_buffer_set_length
hb_buffer_set_message_func
hb_buffer_set_replacement_codepoint
hb_buffer_set_script
hb_buffer_set_segment_properties
hb_buffer_set_unicode_funcs
hb_buffer_set_user_data
hb_color_get_alpha
hb_color_get_blue
hb_color_get_green
hb_color_get_red
hb_direction_from_string
hb_direction_to_string
hb_face_builder_add_table
hb_face_builder_create
hb_face_collect_unicodes
hb_face_collect_variation_selectors
hb_face_collect_variation_unicodes
hb_face_count
hb_face_create
hb_face_create_for_tables
hb_face_destroy
hb_face_get_empty
hb_face_get_glyph_count
hb_face_get_index
hb_face_get_table_tags
hb_face_get_upem
hb_face_get_user_data
hb_face_is_immutable
hb_face_make_immutable
hb_face_reference
hb_face_reference_blob
hb_face_reference_table
hb_face_set_glyph_count
hb_face_set_index
hb_face_set_upem
hb_face_set_user_data
hb_feature_from_string
hb_feature_to_string
hb_font_add_glyph_origin_for_direction
hb_font_create
hb_font_create_sub_font
hb_font_destroy
hb_font_funcs_create
hb_font_funcs_destroy
hb_font_funcs_get_empty
hb_font_funcs_get_user_data
hb_font_funcs_is_immutable
hb_font_funcs_make_immutable
hb_font_funcs_reference
hb_font_funcs_set_font_h_extents_func
hb_font_funcs_set_font_v_extents_func
hb_font_funcs_set_glyph_contour_point_func
hb_font_funcs_set_glyph_extents_func
hb_font_funcs_set_glyph_from_name_func
hb_font_funcs_set_glyph_func
hb_font_funcs_set_glyph_h_advance_func
hb_font_funcs_set_glyph_h_advances_func
hb_font_funcs_set_glyph_h_kerning_func
hb_font_funcs_set_glyph_h_origin_func
hb_font_funcs_set_glyph_name_func
hb_font_funcs_set_glyph_v_advance_func
hb_font_funcs_set_glyph_v_advances_func
hb_font_funcs_set_glyph_v_kerning_func
hb_font_funcs_set_glyph_v_origin_func
hb_font_funcs_set_nominal_glyph_func
hb_font_funcs_set_nominal_glyphs_func
hb_font_funcs_set_user_data
hb_font_funcs_set_variation_glyph_func
hb_font_get_empty
hb_font_get_extents_for_direction
hb_font_get_face
hb_font_get_glyph
hb_font_get_glyph_advance_for_direction
hb_font_get_glyph_advances_for_direction
hb_font_get_glyph_contour_point
hb_font_get_glyph_contour_point_for_origin
hb_font_get_glyph_extents
hb_font_get_glyph_extents_for_origin
hb_font_get_glyph_from_name
hb_font_get_glyph_h_advance
hb_font_get_glyph_h_advances
hb_font_get_glyph_h_kerning
hb_font_get_glyph_h_origin
hb_font_get_glyph_kerning_for_direction
hb_font_get_glyph_name
hb_font_get_glyph_origin_for_direction
hb_font_get_glyph_v_advance
hb_font_get_glyph_v_advances
hb_font_get_glyph_v_kerning
hb_font_get_glyph_v_origin
hb_font_get_h_extents
hb_font_get_nominal_glyph
hb_font_get_nominal_glyphs
hb_font_get_parent
hb_font_get_ppem
hb_font_get_ptem
hb_font_get_scale
hb_font_get_user_data
hb_font_get_v_extents
hb_font_get_var_coords_normalized
hb_font_get_variation_glyph
hb_font_glyph_from_string
hb_font_glyph_to_string
hb_font_is_immutable
hb_font_make_immutable
hb_font_reference
hb_font_set_face
hb_font_set_funcs
hb_font_set_funcs_data
hb_font_set_parent
hb_font_set_ppem
hb_font_set_ptem
hb_font_set_scale
hb_font_set_user_data
hb_font_set_var_coords_design
hb_font_set_var_coords_normalized
hb_font_set_var_named_instance
hb_font_set_variations
hb_font_subtract_glyph_origin_for_direction
hb_ft_face_create
hb_ft_face_create_cached
hb_ft_face_create_referenced
hb_ft_font_changed
hb_ft_font_create
hb_ft_font_create_referenced
hb_ft_font_get_face
hb_ft_font_get_load_flags
hb_ft_font_lock_face
hb_ft_font_set_funcs
hb_ft_font_set_load_flags
hb_ft_font_unlock_face
hb_glyph_info_get_glyph_flags
hb_language_from_string
hb_language_get_default
hb_language_to_string
hb_map_allocation_successful
hb_map_clear
hb_map_create
hb_map_del
hb_map_destroy
hb_map_get
hb_map_get_empty
hb_map_get_population
hb_map_get_user_data
hb_map_has
hb_map_is_empty
hb_map_reference
hb_map_set
hb_map_set_user_data
hb_ot_color_glyph_get_layers
hb_ot_color_glyph_reference_png
hb_ot_color_glyph_reference_svg
hb_ot_color_has_layers
hb_ot_color_has_palettes
hb_ot_color_has_png
hb_ot_color_has_svg
hb_ot_color_palette_color_get_name_id
hb_ot_color_palette_get_colors
hb_ot_color_palette_get_count
hb_ot_color_palette_get_flags
hb_ot_color_palette_get_name_id
hb_ot_font_set_funcs
hb_ot_layout_collect_features
hb_ot_layout_collect_lookups
hb_ot_layout_feature_get_characters
hb_ot_layout_feature_get_lookups
hb_ot_layout_feature_get_name_ids
hb_ot_layout_feature_with_variations_get_lookups
hb_ot_layout_get_attach_points
hb_ot_layout_get_baseline
hb_ot_layout_get_glyph_class
hb_ot_layout_get_glyphs_in_class
hb_ot_layout_get_ligature_carets
hb_ot_layout_get_size_params
hb_ot_layout_has_glyph_classes
hb_ot_layout_has_positioning
hb_ot_layout_has_substitution
hb_ot_layout_language_find_feature
hb_ot_layout_language_get_feature_indexes
hb_ot_layout_language_get_feature_tags
hb_ot_layout_language_get_required_feature
hb_ot_layout_language_get_required_feature_index
hb_ot_layout_lookup_collect_glyphs
hb_ot_layout_lookup_get_glyph_alternates
hb_ot_layout_lookup_substitute_closure
hb_ot_layout_lookup_would_substitute
hb_ot_layout_lookups_substitute_closure
hb_ot_layout_script_find_language
hb_ot_layout_script_get_language_tags
hb_ot_layout_script_select_language
hb_ot_layout_table_choose_script
hb_ot_layout_table_find_feature_variations
hb_ot_layout_table_find_script
hb_ot_layout_table_get_feature_tags
hb_ot_layout_table_get_lookup_count
hb_ot_layout_table_get_script_tags
hb_ot_layout_table_select_script
hb_ot_math_get_constant
hb_ot_math_get_glyph_assembly
hb_ot_math_get_glyph_italics_correction
hb_ot_math_get_glyph_kerning
hb_ot_math_get_glyph_top_accent_attachment
hb_ot_math_get_glyph_variants
hb_ot_math_get_min_connector_overlap
hb_ot_math_has_data
hb_ot_math_is_glyph_extended_shape
hb_ot_meta_get_entry_tags
hb_ot_meta_reference_entry
hb_ot_metrics_get_position
hb_ot_metrics_get_variation
hb_ot_metrics_get_x_variation
hb_ot_metrics_get_y_variation
hb_ot_name_get_utf16
hb_ot_name_get_utf32
hb_ot_name_get_utf8
hb_ot_name_list_names
hb_ot_shape_glyphs_closure
hb_ot_shape_plan_collect_lookups
hb_ot_tag_from_language
hb_ot_tag_to_language
hb_ot_tag_to_script
hb_ot_tags_from_script
hb_ot_tags_from_script_and_language
hb_ot_tags_to_script_and_language
hb_ot_var_find_axis
hb_ot_var_find_axis_info
hb_ot_var_get_axes
hb_ot_var_get_axis_count
hb_ot_var_get_axis_infos
hb_ot_var_get_named_instance_count
hb_ot_var_has_data
hb_ot_var_named_instance_get_design_coords
hb_ot_var_named_instance_get_postscript_name_id
hb_ot_var_named_instance_get_subfamily_name_id
hb_ot_var_normalize_coords
hb_ot_var_normalize_variations
hb_script_from_iso15924_tag
hb_script_from_string
hb_script_get_horizontal_direction
hb_script_to_iso15924_tag
hb_segment_properties_equal
hb_segment_properties_hash
hb_set_add
hb_set_add_range
hb_set_allocation_successful
hb_set_clear
hb_set_copy
hb_set_create
hb_set_del
hb_set_del_range
hb_set_destroy
hb_set_get_empty
hb_set_get_max
hb_set_get_min
hb_set_get_population
hb_set_get_user_data
hb_set_has
hb_set_intersect
hb_set_invert
hb_set_is_empty
hb_set_is_equal
hb_set_is_subset
hb_set_next
hb_set_next_range
hb_set_previous
hb_set_previous_range
hb_set_reference
hb_set_set
hb_set_set_user_data
hb_set_subtract
hb_set_symmetric_difference
hb_set_union
hb_shape
hb_shape_full
hb_shape_list_shapers
hb_shape_plan_create
hb_shape_plan_create2
hb_shape_plan_create_cached
hb_shape_plan_create_cached2
hb_shape_plan_destroy
hb_shape_plan_execute
hb_shape_plan_get_empty
hb_shape_plan_get_shaper
hb_shape_plan_get_user_data
hb_shape_plan_reference
hb_shape_plan_set_user_data
hb_tag_from_string
hb_tag_to_string
hb_unicode_combining_class
hb_unicode_compose
hb_unicode_decompose
hb_unicode_decompose_compatibility
hb_unicode_eastasian_width
hb_unicode_funcs_create
hb_unicode_funcs_destroy
hb_unicode_funcs_get_default
hb_unicode_funcs_get_empty
hb_unicode_funcs_get_parent
hb_unicode_funcs_get_user_data
hb_unicode_funcs_is_immutable
hb_unicode_funcs_make_immutable
hb_unicode_funcs_reference
hb_unicode_funcs_set_combining_class_func
hb_unicode_funcs_set_compose_func
hb_unicode_funcs_set_decompose_compatibility_func
hb_unicode_funcs_set_decompose_func
hb_unicode_funcs_set_eastasian_width_func
hb_unicode_funcs_set_general_category_func
hb_unicode_funcs_set_mirroring_func
hb_unicode_funcs_set_script_func
hb_unicode_funcs_set_user_data
hb_unicode_general_category
hb_unicode_mirroring
hb_unicode_script
hb_variation_from_string
hb_variation_to_string
hb_version
hb_version_atleast
hb_version_string

Sections

.text
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

186e9c58fa0535603dbfefb9ad7a2798

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

freetype

kernel32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 572KB - Virtual size: 572KB

.rdata Size: 193KB - Virtual size: 193KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 26KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 284B

.text
Size: 572KB - Virtual size: 572KB

.rdata
Size: 193KB - Virtual size: 193KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 26KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 284B