e1db1b6bf9eab2058e82a23b0d3b0c3f330031faadfe1543c70cf3d6e376c1b5

Sharing

Copy URL

Twitter E-mail

General

Target

e1db1b6bf9eab2058e82a23b0d3b0c3f330031faadfe1543c70cf3d6e376c1b5
Size

12.6MB
MD5

3ece60696919a5cbf74e1cdec92b70ad
SHA1

a806c22fcb6f00feedb2c74d51c4e8096dabacb6
SHA256

e1db1b6bf9eab2058e82a23b0d3b0c3f330031faadfe1543c70cf3d6e376c1b5
SHA512

8e5d34fdc92fc6bb41030e1b1ea5d3ea25accf089b926bc3898ce7423a7e15340e6b9ccdf477a1c3643ff069b18e724886a518e9c124981125a20f456fdaf6c2
SSDEEP

393216:HUbvFw+aSYUTqC5U/Ox56rTn5B13DMP0X:Hn+aLUTAU5mTn5z3DMP0X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1db1b6bf9eab2058e82a23b0d3b0c3f330031faadfe1543c70cf3d6e376c1b5

Files

e1db1b6bf9eab2058e82a23b0d3b0c3f330031faadfe1543c70cf3d6e376c1b5
.dll windows:6 windows x86 arch:x86

40d79d3a4646f1e07ad802cac27acab8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\53433\CCCreator\proj\cmake\sln_x86_Release\bin\Release\ttvideoeditor-c.pdb

Imports

kernel32

PeekNamedPipe
SetConsoleCtrlHandler
ExitProcess
OutputDebugStringW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
CreateEventW
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitOnceComplete
InitOnceBeginInitialize
SetDllDirectoryA
GetFileInformationByHandleEx
AreFileApisANSI
FormatMessageA
LocalFree
FlushInstructionCache
InitializeCriticalSection
VirtualAlloc
GetModuleFileNameA
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
VirtualFree
SetThreadErrorMode
SetLastError
SwitchToThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
lstrcmpW
TlsGetValue
TlsAlloc
GetModuleHandleExA
TlsSetValue
MoveFileW
LoadLibraryExA
LeaveCriticalSection
EnterCriticalSection
FlsFree
RaiseException
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentProcessId
FreeLibrary
GetProcAddress
LoadLibraryW
MultiByteToWideChar
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
WaitForMultipleObjects
CreateThread
SetThreadPriority
TerminateThread
GetDiskFreeSpaceExW
GetModuleHandleA
ReadFile
SetHandleInformation
CreatePipe
TerminateProcess
CreateProcessW
DeleteFileW
GetModuleFileNameW
LoadLibraryExW
Sleep
GetExitCodeProcess
GetCurrentThreadId
CreateDirectoryW
WritePrivateProfileStringW
GetModuleHandleExW
GetPrivateProfileIntW
GetPrivateProfileStringW
LoadLibraryA
GetFileSizeEx
VirtualQuery
SetConsoleTextAttribute
GetStdHandle
WriteConsoleA
WriteFile
GetDynamicTimeZoneInformation
CreateFileW
GetFileAttributesW
UnmapViewOfFile
GetConsoleMode
FlushViewOfFile
GetSystemInfo
CreateFileMappingA
WideCharToMultiByte
MapViewOfFile
FindFirstFileW
FindNextFileW
FindClose
GetDiskFreeSpaceExA
GetLocalTime
GetCurrentThread
GetModuleHandleW
GetDriveTypeA
GetSystemTimes
GetLogicalDriveStringsA
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
GetProcessTimes
GetCurrentProcess
GetFileAttributesExW
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
DeviceIoControl
VirtualProtect
K32GetProcessMemoryInfo
SetFilePointerEx
InitOnceExecuteOnce
FlsAlloc
FlsGetValue
FlsSetValue
GetConsoleScreenBufferInfo

user32

GetWindowPlacement
IsWindowVisible
IsIconic
SetLayeredWindowAttributes
ShowWindow
IsWindow
GetSystemMetrics
LoadCursorA
SetWindowPos
CopyImage
CreateWindowExW
RegisterClassExW
PtInRect
SetWinEventHook
UnhookWinEvent
DispatchMessageA
RegisterDeviceNotificationW
TranslateMessage
PeekMessageA
UnregisterDeviceNotification
CopyIcon
GetIconInfo
GetCursorInfo
DestroyIcon
ClientToScreen
GetWindowDC
PrintWindow
DrawIconEx
SetWindowDisplayAffinity
GetWindowDisplayAffinity
IsRectEmpty
GetClientRect
FindWindowA
DestroyWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
WindowFromDC
UpdateLayeredWindow
EnumDisplayMonitors
GetMonitorInfoA
GetWindow
GetWindowThreadProcessId
EnumWindows
FindWindowExA
GetParent
GetDesktopWindow
SetWindowLongA
GetWindowLongA
IntersectRect
WindowFromPoint
GetWindowRect
GetWindowTextW
RedrawWindow
ReleaseDC
GetDC

gdi32

SelectObject
CreateDIBSection
DeleteDC
DeleteObject
GetObjectA
StretchDIBits
BitBlt
GetDeviceCaps
CreateCompatibleDC

shell32

SHGetKnownFolderPath

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoCreateGuid
CoTaskMemAlloc
StringFromGUID2
CoFreeUnusedLibraries
PropVariantClear

oleaut32

VariantInit

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

propsys

PropVariantGetUInt16Elem

version

GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

shlwapi

PathFileExistsW

Exports

Exports

AlphaBlend
bytevc0ConfigDefaultPreset
bytevc0ConfigLevel
bytevc0ConfigParse
bytevc0ConfigProfile
bytevc0EncoderClose
bytevc0EncoderDelayedFrames
bytevc0EncoderEncodeFrame
bytevc0EncoderEncodeHeaders
bytevc0EncoderIsResetForNewCfg
bytevc0EncoderKeyFrameRequest
bytevc0EncoderLtrFrameRequest
bytevc0EncoderLtrMarkRequest
bytevc0EncoderOpen
bytevc0EncoderReconfig
bytevc0EncoderSetFramesToBeEncoded
bytevc0SetLogCallback
setEnableMosh
setOpticalFlowInfo
vesdk_audio_output_record_init
vesdk_audio_preview_create
vesdk_audio_preview_destroy
vesdk_audio_preview_set_callback
vesdk_converter_can_convert
vesdk_converter_can_remux
vesdk_converter_cancel
vesdk_converter_check_video_av_interleave_execute
vesdk_converter_check_video_av_interleave_init
vesdk_converter_create
vesdk_converter_destroy
vesdk_converter_set_buried_point_callback
vesdk_converter_set_error_callback
vesdk_converter_set_io_buf_callback
vesdk_converter_set_progress_callback
vesdk_converter_set_settings
vesdk_converter_start
vesdk_editor_compile
vesdk_editor_create
vesdk_editor_destroy
vesdk_editor_preview_begin
vesdk_editor_preview_end
vesdk_editor_preview_pause
vesdk_editor_preview_play
vesdk_editor_preview_seek
vesdk_editor_preview_set_surface
vesdk_editor_preview_set_surface_size
vesdk_editor_set_message_callback
vesdk_editor_set_sequence
vesdk_find_codec_by_name
vesdk_get_version
vesdk_gif_thumbnail_set_buried_point_callback
vesdk_init
vesdk_long_image_set_buried_point_callback
vesdk_network_file_loader_create
vesdk_network_file_loader_destroy
vesdk_network_file_loader_get_file_size
vesdk_network_file_loader_get_received_size
vesdk_network_file_loader_get_status
vesdk_network_file_manager_init
vesdk_player_create
vesdk_player_create_events
vesdk_player_destroy
vesdk_player_destroy_events
vesdk_player_get_current_image
vesdk_player_get_media_info
vesdk_player_get_pos
vesdk_player_get_status
vesdk_player_get_volume
vesdk_player_pause
vesdk_player_play
vesdk_player_seek
vesdk_player_set_auto_play_buffer_time
vesdk_player_set_message_callback
vesdk_player_set_surface
vesdk_player_set_surface_size
vesdk_player_set_url
vesdk_player_set_volume
vesdk_player_stop
vesdk_recorder_compile_set_encoder_name
vesdk_recorder_compile_set_settings
vesdk_recorder_compile_start
vesdk_recorder_compile_stop
vesdk_recorder_create
vesdk_recorder_custom_input_push_audio_frame
vesdk_recorder_custom_input_push_video_frame
vesdk_recorder_destroy
vesdk_recorder_enable_atomic_hot_update
vesdk_recorder_hot_update
vesdk_recorder_preview_begin
vesdk_recorder_preview_enable_transparent_background
vesdk_recorder_preview_end
vesdk_recorder_preview_set_surface
vesdk_recorder_preview_set_surface_size
vesdk_recorder_preview_start
vesdk_recorder_preview_stop
vesdk_recorder_recovery_create
vesdk_recorder_recovery_destroy
vesdk_recorder_recovery_get_output_path
vesdk_recorder_recovery_pause
vesdk_recorder_recovery_resume
vesdk_recorder_recovery_set_file_path
vesdk_recorder_recovery_set_message_callback
vesdk_recorder_recovery_start
vesdk_recorder_recovery_stop
vesdk_recorder_set_buried_point_callback
vesdk_recorder_set_message_callback
vesdk_recorder_set_sequence
vesdk_scene_recognition_set_buried_point_callback
vesdk_screen_record_create
vesdk_screen_record_destroy
vesdk_screen_record_long_image_create
vesdk_screen_record_long_image_destroy
vesdk_screen_record_long_image_set_ignore_windowlist
vesdk_screen_record_long_image_set_paused
vesdk_screen_record_long_image_set_progress_callback
vesdk_screen_record_long_image_set_settings
vesdk_screen_record_long_image_start
vesdk_screen_record_long_image_stop
vesdk_screen_record_set_buried_point_callback
vesdk_screen_record_set_input_audio_setting
vesdk_screen_record_set_pause
vesdk_screen_record_set_progress_callback
vesdk_screen_record_set_settings
vesdk_screen_record_set_system_audio_setting
vesdk_screen_record_start
vesdk_screen_record_stop
vesdk_sequence_create
vesdk_sequence_delete_clip
vesdk_sequence_delete_track
vesdk_sequence_destroy
vesdk_sequence_helper_get_text_bounding_box
vesdk_sequence_insert_clip
vesdk_sequence_insert_track
vesdk_sequence_set_track_layer
vesdk_sequence_update
vesdk_sequence_update_camera_clip
vesdk_sequence_update_color_clip
vesdk_sequence_update_effect_clip
vesdk_sequence_update_setting
vesdk_set_dll_delayload_config
vesdk_set_effect_config
vesdk_set_gl_message_callback
vesdk_set_log_config
vesdk_set_ttnet_delayload_path
vesdk_utils_config_ability
vesdk_utils_frame_scene_recognition
vesdk_utils_frame_scene_recognition_with_region
vesdk_utils_free
vesdk_utils_get_audio_device_list
vesdk_utils_get_camera_list
vesdk_utils_get_current_timestamp_us
vesdk_utils_get_frame_pos
vesdk_utils_get_gif_thumbnail
vesdk_utils_get_media_info
vesdk_utils_get_screen_list
vesdk_utils_get_thumbnail
vesdk_utils_get_windows_list
vesdk_utils_image_scene_recognition
vesdk_utils_image_scene_recognition_with_region
vesdk_utils_zoom_image
vesdk_zoom_picture_set_buried_point_callback

Sections

.text
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 255KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 588KB - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40d79d3a4646f1e07ad802cac27acab8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

propsys

version

wtsapi32

shlwapi

Exports

Exports

Sections

.text Size: 9.6MB - Virtual size: 9.6MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 255KB - Virtual size: 916KB

.detourc Size: 4KB - Virtual size: 8KB

.detourd Size: 512B - Virtual size: 4KB

.rsrc Size: 588KB - Virtual size: 587KB

.text
Size: 9.6MB - Virtual size: 9.6MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 255KB - Virtual size: 916KB

.detourc
Size: 4KB - Virtual size: 8KB

.detourd
Size: 512B - Virtual size: 4KB

.rsrc
Size: 588KB - Virtual size: 587KB