Advanced File Analysis System

File Name: 9ab9dee.png

File Type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

SHA1: 7540a230b8c02792e36bdce86d1b356ce4714413

MD5: 58dd57ddbf71a45097698cc91f378ad2

CREATED / DROPPED FILES

File Path	Type and Hashes

MATCH YARA RULES

Match Rules

STATIC FILE INFO

File Name:	9ab9dee.png
File Type:	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
SHA1:	7540a230b8c02792e36bdce86d1b356ce4714413
MD5:	58dd57ddbf71a45097698cc91f378ad2
First Seen Date:	2017-05-30 23:50:13.044374 ( 2017-05-30 23:50:13.044374 )
Number of Clients Seen:	4
Last Analysis Date:	2017-05-30 23:50:13.044374 ( 2017-05-30 23:50:13.044374 )
Human Expert Analysis Result:	No human expert analysis verdict given to this sample yet.

ADDITIONAL FILE INFORMATION

PE Headers

Property	Value
number of sections	8
compilation time stamp	0x0 [Thu Jan 1 00:00:00 1970 UTC] [SUSPICIOUS]
LegalCopyright	\u24d2 Daum Kakao Corp. All rights reserved.
InternalName	Daum \ud31f\ud50c\ub808\uc774\uc5b4
FileVersion	0, 0, 0, 0
CompanyName	Daum Kakao
SpecialBuild	Daum Kakao
Comments	PotPlayer
ProductName	PotPlayer
ProductVersion	0, 0, 0, 0
FileDescription	PotPlayer
OriginalFilename	PotPlayer
Translation	0x180c 0x04e4
entry point	0x4025db (.text)
machine type	Intel 386 or later - 32Bit
file size	520305
sha256	34ae92b8f544a4e5946d1ca41d1cedf2a2721e326f3c5c9f614fc5c26fc2c364
mime type	application/x-dosexec

PE Sections

Name	Virtual Address	Virtual Size	Raw Size	Entropy	MD5
.text	0x1000	0x11000	0x10e00	6.24060037854	092e48f2a98e63041d008ee477be62cf
.data	0x12000	0xd7b4	0xd800	6.12675669853	5109055eb6c2b1d8193670a97fd4230d
.rdata	0x20000	0x58e84	0x59000	5.67654002888	50e5ad11ac0deb0733a0806bdc91022f
.bss	0x79000	0x3000	0x0	0.0	d41d8cd98f00b204e9800998ecf8427e
.idata	0x7c000	0x1d34	0x1e00	5.47299244795	3d2d76ea14ba1e958f88ead333ad89f0
.CRT	0x7e000	0x34	0x200	2.83102821747	5e79b5a8041d4f6c9284ee8a543dd958
.tls	0x7f000	0x20	0x200	0.984124452212	4dbf1898d37eabf086c1c389396e38f2
.rsrc`	0x80000	0x51e8	0x5200	3.08893501949	2800d874b3a3ec080d89ba92564b899c

PE Imports

COMCTL32.dll
- _TrackMouseEvent
- InitMUILanguage
- PropertySheetA
- CreatePropertySheetPageW
- PropertySheetW
- FlatSB_SetScrollInfo
- ImageList_SetBkColor
- CreatePropertySheetPageA
WINMM.dll
- timeSetEvent
- mmioRead
- midiOutPrepareHeader
- mciGetErrorStringA
- mciDriverYield
- mmioAscend
- timeBeginPeriod
- mciSendStringA
- mmioDescend
- waveOutGetPosition
- mmioOpenA
- timeEndPeriod
ADVAPI32.dll
- QueryRecoveryAgentsOnEncryptedFile
- LsaOpenTrustedDomain
- FreeEncryptedFileKeyInfo
- AccessCheckByTypeResultList
- SystemFunction033
AVIFIL32.dll
- IID_IAVIStream
- AVISaveA
- EditStreamCopy
- AVIStreamOpenFromFileW
- AVISaveVW
- EditStreamSetNameA
- AVIFileGetStream
- AVIFileOpenW
- EditStreamSetInfoW
- AVIFileCreateStreamA
- AVIBuildFilterW
- AVIStreamEndStreaming
- EditStreamSetInfoA
- EditStreamPaste
- AVIFileEndRecord
- AVIStreamSetFormat
- AVIFileInit
- AVIStreamLength
- AVIStreamInfoW
- AVIFileCreateStreamW
- AVIFileReadData
- AVIStreamSampleToTime
- EditStreamCut
- AVIFileOpenA
- AVIBuildFilterA
- AVIStreamAddRef
- AVIFileInfoA
- AVIStreamStart
- AVIStreamOpenFromFileA
- AVIMakeStreamFromClipboard
- IID_IAVIEditStream
- AVISaveVA
- AVIStreamInfoA
- AVIFileRelease
- AVIStreamWriteData
- AVIStreamFindSample
- CreateEditableStream
- AVIStreamRead
- AVIMakeFileFromStreams
- AVIPutFileOnClipboard
- AVIClearClipboard
- AVIStreamGetFrameClose
- AVIStreamRelease
- AVISaveOptions
- AVISaveW
- IID_IAVIFile
- AVIStreamReadFormat
- AVIFileExit
- AVIFileInfoW
- EditStreamClone
- EditStreamSetNameW
- AVIStreamCreate
- AVIFileAddRef
- AVIGetFromClipboard
- AVIStreamTimeToSample
- AVIStreamGetFrame
- AVIStreamBeginStreaming
- AVISaveOptionsFree
- AVIFileWriteData
- AVIStreamReadData
- AVIStreamGetFrameOpen
- AVIStreamWrite
- IID_IGetFrame
- AVIMakeCompressedStream
GDI32.dll
- DeleteObject
- DeleteDC
- GetPixel
- TextOutW
- SetDIBits
IMM32.dll
- ImmSetCompositionWindow
- ImmDestroySoftKeyboard
comdlg32.dll
- GetSaveFileNameA
- GetOpenFileNameW
- dwLBSubclass
- GetSaveFileNameW
- CommDlgExtendedError
- GetOpenFileNameA
DINPUT.dll
- DirectInputCreateA
- DirectInputCreateW
- DirectInputCreateEx
OLEAUT32.dll
- SysFreeString
- VarDecAbs
- SysAllocString
SHELL32.dll
- SHGetFileInfoW
- SHGetPathFromIDListA
- SHGetPathFromIDListW
- Shell_NotifyIconW
- DragQueryFileW
- SHBrowseForFolderA
- SHGetSpecialFolderPathW
- DragQueryFileA
- ShellExecuteExW
- SHGetSpecialFolderPathA
- SHFileOperationA
- SHBrowseForFolderW
KERNEL32.dll
- SetThreadPriority
- HeapCreate
- CompareStringA
- GetConsoleCP
- OpenProcess
- MulDiv
- SetFilePointer
- HeapAlloc
- GetACP
- ReadFile
- CreateThread
- LoadLibraryExA
- CreateFileW
- FindFirstFileA
- QueryPerformanceCounter
- FindNextFileW
- ExitProcess
- GetFileAttributesW
- InterlockedDecrement
- InitializeCriticalSection
- TlsAlloc
- CreateProcessW
- VirtualFree
- GetConsoleOutputCP
- DeleteCriticalSection
- RemoveDirectoryW
- GetCPInfo
- TlsGetValue
- GetModuleHandleW
- GetLongPathNameA
- FreeEnvironmentStringsA
- TlsFree
- MoveFileWithProgressW
- OpenEventA
- GetProcessHeap
- WriteConsoleA
- GetVersion
- LoadLibraryExW
- WriteConsoleW
- GetCurrentProcess
- CreateFileA
- IsValidCodePage
- MoveFileWithProgressA
- DeleteFileW
- CreateDirectoryExA
- FlushFileBuffers
- CloseHandle
- CopyFileExW
- LoadLibraryW
- LoadLibraryA
- LeaveCriticalSection
- FindFirstChangeNotificationW
- WaitForMultipleObjects
- FreeLibrary
- WriteProcessMemory
- GetLongPathNameW
- GetModuleFileNameW
- WaitForSingleObject
- FindFirstChangeNotificationA
- GetStringTypeA
- RtlUnwind
- Sleep
- SetEnvironmentVariableA
- GetConsoleMode
- MoveFileW
- GetDateFormatA
- RaiseException
- IsDebuggerPresent
- GetModuleHandleA
- FindFirstFileExW
- SetHandleCount
- MoveFileExW
- ReadProcessMemory
- CreateDirectoryExW
- CompareStringW
- GetVersionExA
- WriteFile
- GetProcAddress
- EnterCriticalSection
- TlsSetValue
- SetLastError
- InterlockedExchange
- FindFirstFileExA
- GetModuleFileNameA
- CreateEventA
- GetLocaleInfoA
- GetLastError
- SetUnhandledExceptionFilter
- GetStdHandle
- InterlockedCompareExchange
- FindNextFileA
- GetDateFormatW
- GetOEMCP
- HeapSize
- CreateProcessA
- SetEvent
- CreateDirectoryA
- HeapFree
- CopyFileW
- GetFileAttributesExW
- MoveFileA
- SetEndOfFile
- FindFirstFileW
- ResetEvent
- SetStdHandle
- GetCommandLineA
- GetStringTypeW
- FreeEnvironmentStringsW
- GetFileAttributesA
- GetFileType
- GetFileAttributesExA
- GetStartupInfoA
- SetErrorMode
- GetCommandLineW
- GetThreadPriority
- CreateDirectoryW
- GetCurrentProcessId
- DeleteFileA
- RemoveDirectoryA
- LCMapStringW
- GetCurrentThread
- MoveFileExA
- HeapReAlloc
- InterlockedIncrement
- QueryPerformanceFrequency
MSVFW32.dll
- ICInstall
- ICSendMessage
- MCIWndRegisterClass
- ICClose
- ICGetInfo
DDRAW.dll
- DDGetAttachedSurfaceLcl
- DSoundHelp
- GetSurfaceFromDC
USER32.dll
- GetIconInfo
- FlashWindowEx
DSOUND.dll
- None
- None
- None
- None

PE Resources

RT_ICON

RT_STRING

RT_GROUP_ICON

RT_VERSION

RT_MANIFEST

CERTIFICATE VALIDATION

Loading...