Architecture | IMAGE_FILE_MACHINE_AMD64 |
---|---|
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date | 2023-Jan-02 00:48:36 |
Detected languages | English - United States |
TLS Callbacks | 2 callback(s) detected. |
CompanyName | SpotPlayer |
FileDescription | SpotPlayer |
FileVersion | 5.3.2.32 |
LegalCopyright | © All Rights Reserved. |
OriginalFilename | SpotPlayer.exe |
ProductName | SpotPlayer |
ProductVersion | 5.3.2.32 |
Suspicious | PEiD Signature: | HQR data file |
Suspicious | Strings found in the binary may indicate undesirable behavior: | Contains references to system / monitoring tools: |
Info | Cryptographic algorithms detected in the binary: | Uses constants related to CRC32; Uses constants related to MD5; Uses constants related to SHA1; Uses constants related to SHA256; Uses constants related to SHA512; Uses constants related to AES; Uses constants related to Blowfish; Uses known Diffie-Helman primes; Uses known Mersenne Twister constants |
Suspicious | The PE is possibly packed. | Unusual section name found: .qtmetad; Unusual section name found: .qtmimed |
Malicious | The PE contains functions mostly used by malware. | [!] The program may be hiding some of its imports: |
Safe | VirusTotal score: 0/64 (Scanned on 2023-03-02 15:20:36) | All the AVs think this file is safe. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x138 |
Signature | PE |
---|---|
Machine | IMAGE_FILE_MACHINE_AMD64 |
NumberofSections | 9 |
TimeDateStamp | 2023-Jan-02 00:48:36 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xf0 |
Characteristics | IMAGE_FILE_EXECUTABLE_IMAGE IMAGE_FILE_LARGE_ADDRESS_AWARE |
Magic | PE32+ |
---|---|
LinkerVersion | 14.3 |
SizeOfCode | 0xf26200 |
SizeOfInitializedData | 0x8ee400 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x0000000000EC7CA4 (Section: .text) |
BaseOfCode | 0x1000 |
ImageBase | 0x140000000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 6.0 |
ImageVersion | 5.3 |
SubsystemVersion | 6.0 |
Win32VersionValue | 0 |
SizeOfImage | 0x1819000 |
SizeOfHeaders | 0x400 |
Checksum | 0 |
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
DllCharacteristics | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA IMAGE_DLLCHARACTERISTICS_NX_COMPAT IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
bcrypt.dll | BCryptGenRandom BCryptOpenAlgorithmProvider BCryptCloseAlgorithmProvider |
---|---|
WTSAPI32.dll | WTSFreeMemory WTSQuerySessionInformationW |
dwmapi.dll | DwmEnableBlurBehindWindow DwmGetWindowAttribute DwmSetWindowAttribute DwmIsCompositionEnabled |
OLEAUT32.dll | SafeArrayPutElement SafeArrayCreateVector SysAllocString SysFreeString VariantClear VariantInit |
IMM32.dll | ImmGetVirtualKey ImmGetContext ImmSetCandidateWindow ImmSetCompositionWindow ImmNotifyIME ImmGetOpenStatus ImmGetDefaultIMEWnd ImmReleaseContext ImmAssociateContext ImmAssociateContextEx ImmGetCompositionStringW |
OPENGL32.dll | glLoadIdentity glLoadMatrixf glMatrixMode glOrtho |
IPHLPAPI.DLL | ConvertInterfaceLuidToNameW GetAdaptersAddresses ConvertInterfaceNameToLuidW ConvertInterfaceLuidToIndex ConvertInterfaceLuidToGuid ConvertInterfaceIndexToLuid |
GDI32.dll | GetDIBits ExtTextOutW BitBlt CombineRgn CreateRectRgn DeleteObject OffsetRgn SelectClipRgn SetLayout GetDeviceCaps CreateCompatibleBitmap CreateCompatibleDC CreateDCW DeleteDC SelectObject CreateBitmap ChoosePixelFormat DescribePixelFormat GetPixelFormat SetPixelFormat SwapBuffers GetBitmapBits GetObjectW CreateFontIndirectW EnumFontFamiliesExW GetFontData GetStockObject AddFontResourceExW RemoveFontResourceExW AddFontMemResourceEx RemoveFontMemResourceEx GetTextMetricsW SetWorldTransform CreateDIBSection GdiFlush GetCharABCWidthsW GetCharABCWidthsFloatW GetGlyphOutlineW GetOutlineTextMetricsW GetTextExtentPoint32W GetCharABCWidthsI SetBkMode SetGraphicsMode SetTextColor SetTextAlign GetTextFaceW |
CRYPT32.dll | CertFreeCertificateChain CertGetCertificateChain CertAddCertificateContextToStore CertFreeCertificateContext CertCreateCertificateContext CertOpenStore CertOpenSystemStoreW CertFindCertificateInStore CertCloseStore |
MPR.dll | WNetGetUniversalNameW |
USERENV.dll | GetUserProfileDirectoryW |
VERSION.dll | GetFileVersionInfoSizeW GetFileVersionInfoW VerQueryValueW |
NETAPI32.dll | NetApiBufferFree NetShareEnum |
WS2_32.dll | WSAStartup WSACleanup WSASetLastError send recv WSASocketW WSASendTo WSASend WSARecvFrom WSARecv WSANtohs WSANtohl WSAIoctl WSAHtonl WSAConnect WSAAccept WSAGetLastError setsockopt select listen htons getsockname getpeername closesocket bind __WSAFDIsSet getsockopt getnameinfo freeaddrinfo getaddrinfo ntohl htonl gethostname WSAAsyncSelect |
ADVAPI32.dll | DuplicateToken RegSetValueExW RegQueryInfoKeyW RegFlushKey RegEnumValueW RegEnumKeyExW RegDeleteValueW RegDeleteKeyW RegCreateKeyExW BuildTrusteeWithSidW GetNamedSecurityInfoW GetEffectiveRightsFromAclW LookupAccountSidW MapGenericMask GetLengthSid FreeSid RegCloseKey CopySid AllocateAndInitializeSid AccessCheck OpenProcessToken SystemFunction036 RegQueryValueExW GetTokenInformation GetSidSubAuthorityCount GetSidSubAuthority ReportEventW RegisterEventSourceW DeregisterEventSource RegOpenKeyExW RegNotifyChangeKeyValue |
KERNEL32.dll | InitializeCriticalSectionEx InitializeSListHead SetUnhandledExceptionFilter UnhandledExceptionFilter RtlLookupFunctionEntry RtlCaptureContext VirtualFree VirtualAlloc ReleaseMutex WriteFileEx SleepEx CancelIoEx PeekNamedPipe ReadFileEx GetUserGeoID GetGeoInfoW GetTimeZoneInformation FindFirstFileExW FindNextChangeNotification FindFirstChangeNotificationW FindCloseChangeNotification LCMapStringW CompareStringW GetVolumeNameForVolumeMountPointW GetVolumePathNameW GetDiskFreeSpaceExW RegisterWaitForSingleObject UnregisterWaitEx GetProcessId GetExitCodeProcess CreateNamedPipeW ConnectNamedPipe FreeEnvironmentStringsW GetEnvironmentStringsW SetFilePointerEx GetFileInformationByHandleEx FileTimeToSystemTime TzSpecificLocalTimeToSystemTime MoveFileW CopyFileW SetErrorMode GetVolumePathNamesForVolumeNameW SetFileTime ExitThread DecodePointer LCMapStringEx RtlPcToFileHeader RaiseException GetCPInfo RtlUnwindEx LoadLibraryExW RtlUnwind EncodePointer GetStringTypeW FreeLibraryAndExitThread SystemTimeToTzSpecificLocalTime SetConsoleCtrlHandler GetCommandLineA GetConsoleOutputCP SetFileAttributesW SetStdHandle FlsAlloc FlsGetValue FlsSetValue FlsFree IsValidLocale EnumSystemLocalesW HeapQueryInformation GetFileSizeEx IsValidCodePage GetACP GetOEMCP GetLocalTime CreateFileW IsDebuggerPresent CheckRemoteDebuggerPresent CloseHandle DeviceIoControl GetCurrentProcess SetThreadExecutionState OpenProcess QueryFullProcessImageNameW CreateToolhelp32Snapshot Process32FirstW Process32NextW InitOnceBeginInitialize InitOnceComplete ReleaseSRWLockExclusive AcquireSRWLockExclusive InitializeSRWLock InitializeConditionVariable WakeAllConditionVariable SleepConditionVariableSRW WakeConditionVariable WaitForSingleObjectEx GetFullPathNameW MultiByteToWideChar MoveFileExA MoveFileExW GetStdHandle GetConsoleMode WriteConsoleW GetConsoleScreenBufferInfo SetConsoleTextAttribute GetProcessAffinityMask Sleep GetSystemTimeAsFileTime HeapAlloc HeapFree GetProcessHeap GetLastError GetCurrentThreadId GetModuleHandleW GetProcAddress LocalFree FormatMessageW WTSGetActiveConsoleSessionId ExpandEnvironmentStringsW CreateProcessW GlobalAlloc GlobalUnlock GlobalLock GetLocaleInfoW LoadLibraryA GlobalSize GetCurrentProcessId GetUserDefaultLangID FlushFileBuffers GetTickCount QueryPerformanceCounter MapViewOfFile CreateFileMappingW FormatMessageA GetSystemTime WideCharToMultiByte SystemTimeToFileTime GetFileSize LockFileEx UnlockFile HeapDestroy HeapCompact GetSystemInfo HeapReAlloc DeleteFileW DeleteFileA CreateFileA FlushViewOfFile OutputDebugStringW GetFileAttributesExW GetFileAttributesA GetDiskFreeSpaceA GetTempPathA HeapSize HeapValidate UnmapViewOfFile GetFileAttributesW WaitForSingleObject CreateMutexW GetTempPathW UnlockFileEx SetEndOfFile GetFullPathNameA SetFilePointer LockFile OutputDebugStringA GetDiskFreeSpaceW WriteFile HeapCreate ReadFile AreFileApisANSI InitializeCriticalSection EnterCriticalSection LeaveCriticalSection TryEnterCriticalSection DeleteCriticalSection GetVolumeInformationW GetLongPathNameW GetDriveTypeW GetConsoleWindow ExitProcess LocalAlloc LoadLibraryW CreateEventW WaitForMultipleObjects GlobalFree SetHandleInformation SetLastError GetModuleHandleExW InitializeCriticalSectionAndSpinCount TlsAlloc TlsGetValue TlsSetValue TlsFree SwitchToFiber DeleteFiber CreateFiber FindClose FindFirstFileW FindNextFileW GetEnvironmentVariableW GetFileType RtlVirtualUnwind ConvertFiberToThread ConvertThreadToFiber FreeLibrary SetConsoleMode ReadConsoleA ReadConsoleW CompareStringEx GetCommandLineW SetEnvironmentVariableW SetEvent DuplicateHandle SwitchToThread CreateThread GetCurrentThread SetThreadPriority GetThreadPriority TerminateThread ResumeThread ResetEvent TerminateProcess IsProcessorFeaturePresent QueryPerformanceFrequency GetTickCount64 GetSystemDirectoryW GetDateFormatW GetTimeFormatW GetCurrencyFormatW GetUserDefaultLCID GetUserPreferredUILanguages GetStartupInfoW GetModuleFileNameW GetCurrentDirectoryW CreateDirectoryW GetFileInformationByHandle GetLogicalDrives RemoveDirectoryW |
ole32.dll | OleUninitialize OleInitialize RevokeDragDrop OleSetClipboard CoLockObjectExternal CoInitialize CoCreateInstance CoUninitialize CoInitializeEx OleGetClipboard OleFlushClipboard OleIsCurrentClipboard CoTaskMemFree ReleaseStgMedium CoGetMalloc CoCreateGuid DoDragDrop StringFromGUID2 RegisterDragDrop |
SHELL32.dll | #727 SHBrowseForFolderW SHCreateItemFromIDList Shell_NotifyIconW ShellExecuteW SHGetKnownFolderIDList SHCreateItemFromParsingName SHGetMalloc SHGetPathFromIDListW SHGetFileInfoW Shell_NotifyIconGetRect CommandLineToArgvW SHGetKnownFolderPath SHGetStockIconInfo |
USER32.dll | CreateIconIndirect CreateCursor LoadCursorW RegisterDeviceNotificationW GetIconInfo GetCursorInfo RegisterClassW EnumDisplayDevicesW GetClipboardFormatNameW TrackMouseEvent GetMessageExtraInfo GetAsyncKeyState GetTouchInputInfo CloseTouchInputHandle GetWindowTextW EnumWindows UnregisterDeviceNotification RealGetWindowClassW GetCursor SetCursorPos TrackPopupMenuEx MapVirtualKeyW ToUnicode ToAscii ChangeWindowMessageFilterEx MessageBoxW DrawIconEx GetProcessWindowStation GetUserObjectInformationW TranslateMessage DispatchMessageW GetQueueStatus MsgWaitForMultipleObjectsEx SetTimer KillTimer SetWindowsHookExW UnhookWindowsHookEx CallNextHookEx PostThreadMessageW CharNextExA RegisterHotKey SetWindowPos SetWindowDisplayAffinity GetSystemMetrics GetDoubleClickTime IsWindow MessageBeep GetCaretBlinkTime GetDesktopWindow SystemParametersInfoW UpdateLayeredWindowIndirect SendMessageW PostMessageW AttachThreadInput DefWindowProcW CreateWindowExW IsChild DestroyWindow ShowWindow UpdateLayeredWindow SetLayeredWindowAttributes FlashWindowEx MoveWindow GetWindowPlacement SetWindowPlacement IsWindowVisible IsIconic SetFocus RegisterTouchWindow UnregisterTouchWindow IsTouchWindow GetCapture SetCapture ReleaseCapture GetMenu GetSystemMenu EnableMenuItem GetForegroundWindow SetForegroundWindow GetDC ReleaseDC BeginPaint EndPaint GetUpdateRect SetWindowRgn InvalidateRect SetWindowTextW GetClientRect GetWindowRect AdjustWindowRectEx SetCursor ClientToScreen ScreenToClient GetWindowLongW SetWindowLongW GetWindowLongPtrW SetWindowLongPtrW GetParent SetParent GetWindowThreadProcessId GetWindow DestroyCursor DestroyIcon MonitorFromPoint GetAncestor GetKeyboardLayoutList RegisterPowerSettingNotification UnregisterPowerSettingNotification UnregisterClassW GetClassInfoW RegisterClassExW GetFocus GetKeyboardState WindowFromPoint ChildWindowFromPointEx GetSysColorBrush LoadImageW SetMenu DrawMenuBar CreateMenu CreatePopupMenu DestroyMenu InsertMenuW AppendMenuW ModifyMenuW RemoveMenu TrackPopupMenu GetMenuItemInfoW SetMenuItemInfoW MonitorFromWindow GetMonitorInfoW EnumDisplayMonitors GetSysColor LoadIconW IsHungAppWindow SetClipboardViewer ChangeClipboardChain RegisterClipboardFormatW GetKeyboardLayout RegisterWindowMessageW IsWindowEnabled CreateCaret DestroyCaret HideCaret ShowCaret SetCaretPos FindWindowA PeekMessageW IsZoomed GetKeyState GetCursorPos |
WINMM.dll | timeSetEvent PlaySoundW timeKillEvent waveOutRestart waveOutPause waveOutWrite waveOutUnprepareHeader waveOutPrepareHeader waveOutClose waveOutReset mixerGetControlDetailsW mixerGetLineControlsW mixerGetID mixerGetLineInfoW waveInReset waveInStart waveInAddBuffer waveInUnprepareHeader waveInPrepareHeader waveInClose waveInOpen waveInGetDevCapsW waveInGetNumDevs waveOutOpen waveOutGetDevCapsW waveOutGetNumDevs mixerSetControlDetails |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 5.3.2.32 |
ProductVersion | 5.3.2.32 |
FileFlags | (EMPTY) |
FileOs | VOS_DOS_WINDOWS32 VOS_NT_WINDOWS32 VOS__WINDOWS32 |
FileType | VFT_APP |
Language | English - United States |
CompanyName | SpotPlayer |
FileDescription | SpotPlayer |
FileVersion (#2) | 5.3.2.32 |
LegalCopyright | © All Rights Reserved. |
OriginalFilename | SpotPlayer.exe |
ProductName | SpotPlayer |
ProductVersion (#2) | 5.3.2.32 |
Resource LangID | English - United States |
---|
Characteristics | 0 |
---|---|
TimeDateStamp | 2023-Jan-02 00:48:36 |
Version | 0.0 |
SizeofData | 1148 |
AddressOfRawData | 0x1395390 |
PointerToRawData | 0x1393990 |
StartAddressOfRawData | 0x141395840 |
---|---|
EndAddressOfRawData | 0x141395f81 |
AddressOfIndex | 0x1416d2bd8 |
AddressOfCallbacks | 0x140f297b8 |
SizeOfZeroFill | 0 |
Characteristics | IMAGE_SCN_ALIGN_16BYTES |
Callbacks | 0x0000000140EC79E4 0x0000000140EC78A4 |
Size | 0x140 |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x1414cc7e8 |
XOR Key | 0x403fc451 |
---|---|
Unmarked objects | 0 |
ASM objects (30795) | 27 |
C++ objects (30795) | 217 |
253 (31823) | 7 |
C++ objects (31823) | 96 |
C objects (31823) | 20 |
ASM objects (31823) | 33 |
C objects (CVTCIL) (30795) | 1 |
C objects (VS2019 Update 1 (16.1) compiler 27702) | 556 |
C objects (VS2019 Update 11 (16.11.9) compiler 30139) | 178 |
C objects (30795) | 66 |
C++ objects (VS2019 Update 11 (16.11.9) compiler 30139) | 852 |
Imports (30795) | 41 |
Total imports | 625 |
Unmarked objects (#2) | 62 |
C objects (VS2019 Update 11 (16.11.13) compiler 30143) | 225 |
C++ objects (31937) | 49 |
Resource objects (31937) | 1 |
151 | 1 |
Linker (31937) | 1 |