11d9073c7d3440aa6f325c78339924fa3b886514a1ec359d0d9a84c04e201090

Analysis

max time kernel
153s
max time network
53s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
12-10-2022 04:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

03143534.exe
Size

149.9MB
MD5

977e4c8eb63abf3949da2cfbff0a2879
SHA1

9e37ec2dfe85427e76bc56cae149bad9bf216bca
SHA256

11d9073c7d3440aa6f325c78339924fa3b886514a1ec359d0d9a84c04e201090
SHA512

963763e4cf04313fea911dc73ae3347506b03956d00fe32ee0754fb6b03d61cfab8145d94299e064dda1a31e88fc10195dd4c8e825790296af170c9123928657
SSDEEP

3145728:Qebj8nC2dOuJ+e1ua3xGpdGtHZ8jcXuuyk7I2teBt5h/BH86k8MY:xw7OK3u0gdG9ZSAyk7IQAt5hK6Zz

Score

8^/10

discovery link pdf

Malware Config

Signatures

Executes dropped EXE 3 IoCs

Processes:

BJSLClient.exebjyclient.exebjyclient.exe

pid process

1404 BJSLClient.exe
1724 bjyclient.exe
908 bjyclient.exe

pid	process
1404	BJSLClient.exe
1724	bjyclient.exe
908	bjyclient.exe

Loads dropped DLL 53 IoCs

Processes:

03143534.exeBJSLClient.exebjyclient.exebjyclient.exe

pid	process
2016	03143534.exe
2016	03143534.exe
2016	03143534.exe
2016	03143534.exe
2016	03143534.exe
2016	03143534.exe
1404	BJSLClient.exe
1404	BJSLClient.exe
1404	BJSLClient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
1724	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe
908	bjyclient.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

Processes:

03143534.exe

description	ioc	process
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_JA\Desktop.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\AreaTool.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\Sentence.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-CN\Sentence.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\crash_reporter.cfg	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\AppSharePanel.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_course_record_pause_hot.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_forward_normal.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\AreaTool.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\chat.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\TeamViewerQS.exe	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\avutil-55.dll	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-CN\AppSharePanelForSmallClass.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-CN\region_hover_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\AreaTool.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\client_icon.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_JA\UIRecordFileWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\AppSharePanelForSmallClass.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_JA\full_hover_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_JA\stop_share_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\AreaSelection.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\Desktop.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\chat.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\common.dll	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_scrncap_save_normal.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\chat_hover_new.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\plugins\bjyppapi-video.dll	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\record_close_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_EN\UICourseRecordToolWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\UIRecordBtnWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\region_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-CN\UINotifyBoxWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\DesktopForSmallClass.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\libcnedll.dll	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_scrncap_finish_push.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\UINotifyBoxWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\DesktopForSmallClass.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_VI\record_start_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-CN\AppSharePanel.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\AreaSelection.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\1_.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_scrncap_save_hot.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\d3dcompiler_47.dll	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_course_record_stop_hot.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_EN\region_hover_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\AreaSelection.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\Desktop.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\record_start_btn_press.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\Recorder.exe	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\activate_code.lic	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\html\error_en.html	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\vppres\filters\filter_style_process_1.4.0.model	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_EN\stop_share_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\UIScrnCapToolWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ID\region_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-CN\Desktop.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\Sentence.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\vppres\filters\filter_style_curve_1.4.0.model	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\lua.dll	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_EN\UICourseRecordTipWnd.xml	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_course_record_start_hot.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_COMMON\btn_reload_normal.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_EN\region_btn.png	03143534.exe
File created	C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DSRES_ZH-HK\AppSharePanel.xml	03143534.exe

HTTP links in PDF interactive object 4 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

Processes:

resource	yara_rule
\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe	pdf_with_link_action
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe	pdf_with_link_action
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe	pdf_with_link_action
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe	pdf_with_link_action

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies registry class 13 IoCs

Processes:

BJSLClient.exe03143534.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\open\command\ = "\"C:\\Program Files (x86)\\bjcloud\\BJSLClient.exe\" \"%1\""	BJSLClient.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\ = "URL:baijiacloud Protocol"	03143534.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\DefaultIcon	03143534.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell	03143534.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\	03143534.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\open	03143534.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\open\command	BJSLClient.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud	03143534.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\URL Protocol	03143534.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\DefaultIcon\ = "C:\\Program Files (x86)\\bjcloud\\cloudclassroom_pro\\BJYLaunch.exe"	03143534.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\open\	03143534.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\open\command	03143534.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\baijiacloud\shell\open\command\ = "\"C:\\Program Files (x86)\\bjcloud\\BJSLClient.exe\" \"%1\""	03143534.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

Processes:

03143534.exeBJSLClient.exe

pid process

2016 03143534.exe
2016 03143534.exe
1404 BJSLClient.exe

Suspicious use of WriteProcessMemory 8 IoCs

Processes:

BJSLClient.exebjyclient.exe

description	pid	process	target process
PID 1404 wrote to memory of 1724	1404	BJSLClient.exe	bjyclient.exe
PID 1404 wrote to memory of 1724	1404	BJSLClient.exe	bjyclient.exe
PID 1404 wrote to memory of 1724	1404	BJSLClient.exe	bjyclient.exe
PID 1404 wrote to memory of 1724	1404	BJSLClient.exe	bjyclient.exe
PID 1724 wrote to memory of 908	1724	bjyclient.exe	bjyclient.exe
PID 1724 wrote to memory of 908	1724	bjyclient.exe	bjyclient.exe
PID 1724 wrote to memory of 908	1724	bjyclient.exe	bjyclient.exe
PID 1724 wrote to memory of 908	1724	bjyclient.exe	bjyclient.exe

C:\Users\Admin\AppData\Local\Temp\03143534.exe
"C:\Users\Admin\AppData\Local\Temp\03143534.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:2016

C:\Program Files (x86)\bjcloud\BJSLClient.exe
"C:\Program Files (x86)\bjcloud\BJSLClient.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1404

C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe
"C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe" --disable-features=MediaFoundationVideoCapture --disable-accelerated-video-encode
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1724

C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe
"C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\bjyclient.app\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\bjyclient.app\User Data" --url=http://api.baijiayun.com/web/client/reportCrashInfo --annotation=platform=win32 --annotation=product=bjyclient --annotation=version=8.1.3.0621 --initial-client-data=0x26c,0x270,0x274,0x248,0x278,0x74b92518,0x74b92528,0x74b92534
3⤵
- Executes dropped EXE
- Loads dropped DLL
PID:908

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\bjcloud\BJSLClient.exe
Filesize
1.1MB

MD5
314626043175b6543a8504238737ce6a

SHA1
c7538ce50e83839be57962e2a38a21574ebc37df

SHA256
0b721fb8f19d60f47de5fcf648eb9148d8078413c1345eaa59af37f36cfcd1ec

SHA512
ed4b9827e74a043ca6a65e874693bc4addd1b71a77d711e1c4884390722abf9ba92d878a04a2921dac68178f01414979754960065c181f57f1db73ddd997024a

Download Submit
C:\Program Files (x86)\bjcloud\BJSLClient.exe
Filesize
1.1MB

MD5
314626043175b6543a8504238737ce6a

SHA1
c7538ce50e83839be57962e2a38a21574ebc37df

SHA256
0b721fb8f19d60f47de5fcf648eb9148d8078413c1345eaa59af37f36cfcd1ec

SHA512
ed4b9827e74a043ca6a65e874693bc4addd1b71a77d711e1c4884390722abf9ba92d878a04a2921dac68178f01414979754960065c181f57f1db73ddd997024a

Download Submit
C:\Program Files (x86)\bjcloud\ProductConfig.xml
Filesize
3KB

MD5
93f9df13049d202820079415d54bd420

SHA1
c80520ee199c08cc07e392739ce40e6b96838c9a

SHA256
c619d87fe357f04927a93a8502626db9c79649521f76f0fed5f8c73cf2ddb19a

SHA512
77dd63eb72d531697064e39e31d30bd09d244bd4dcdc8ab6be6083fcc618836f533d9a4096fe4a05351e207de69b93ad36309a9203bd7b34e832b7883d088b3f

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\AVCapture.dll
Filesize
2.1MB

MD5
ac5088b49212a362c857f1c1924f4738

SHA1
33ca803967d374261f29f738761ade74c8204c01

SHA256
c1177b3811cb437613351f1cdde6b7dbb9d809a1b02fc5a3b154ca46733d7c2e

SHA512
bf49524d3c550925f6ff38a2f2ccd4b8b72a0459954ea9a09effc8fb6a0e4cad32801342b8d900fd2e994bde7f755006cbbadb3792a99e2d96e7770c2d6dc103

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\AVDeviceListener.dll
Filesize
158KB

MD5
0af0faaf3932a72f5b8270c84f44343c

SHA1
864416ac8fdde14468e449d864aeb93121b8b1a9

SHA256
cdd3411ac3b84fa55c3cb295d4b3b93e21a4b08676917b9d4021a0e069a78723

SHA512
99c275deef41c01e3fd1873b9886bf98f5a9d50decb58cf3d87b6cbd252056965a2ee5893e31acdedada849fcfc1f85af77ea5570049548d780ea57a25e5a0f3

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\AVSDK.dll
Filesize
3.9MB

MD5
51873b24c75b8666aa77cd9abc2fc14b

SHA1
699eb5a856fa574436749e35e828a96a6fd3414e

SHA256
4c460e5e9a7562352b2f329ef84582cb97aeb73a152b65009fe693334d35c4ac

SHA512
eab296399098ed422737ef17d7314790a55ee331724966d1fbbb4f0b470ef6f668813b89b8f738ac01d00acaefc18e3ffd910973744865ff67c860462381b299

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\BaseLib.dll
Filesize
246KB

MD5
7de5001ea55c17bb529e727fcca9c3dc

SHA1
b2e81ffb8d3e95a767477f81814202d6f39d7841

SHA256
75332b2094adc17f6f1f8003b5489ad65f0092d4eb40af8b919a463fe5c85e1f

SHA512
5b4830d44460acbcbfee076a7b29a1039514cbded0c843be1ec146dd6a1351305abc04b8b2342bd28d3b8fd1b749ee01077f6f9a5853636c1850a87c33c0d02f

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DesktopCapture.dll
Filesize
370KB

MD5
360ce0ffbc91aeab2349076600455dd2

SHA1
18248c7ca91447315158171701c8a3edf19e5a8e

SHA256
c8db3cd47c46a4891f462214210c3c6f6d1c38e3342908ed69f9101d77463c10

SHA512
4216347b7c8301908057fe36f0b47262ff51ed046798938457e056f60982530c8b205a2c089632508f366727cf75779ca4ff7f256eaf32b10449efb69c1f02ab

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\DuiLib-1.dll
Filesize
573KB

MD5
2fe319f6f4661dcea975da0259ed2008

SHA1
b7620e32e1c11c459dc218cf9c65b4a91696c321

SHA256
48123b0cb56f8963cb7d57e5aa68437039f2197a14483200dd260e0b8060b490

SHA512
286e3f3e26b8ec515dd6d33962a44a50e785abd1002476aa16df74464266ae2ac4bf679316284dde6a2ec4cd37570cded28e7f4cc7210db5ae0140a3c78177da

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\MediaPlayer.dll
Filesize
367KB

MD5
dc3b8617dc73410a4a311aa04f3d616d

SHA1
327c8467cab6962df3a2344086129811dee0cce3

SHA256
43c71b9b1fbaea75b321cf1a3674ec20e2f59f3956d2179e6aa5daedb5e9f31d

SHA512
a8b1f5d2fa6fe367cefe29cdfda807b42eb35b38ca87490c60127d613bda46d906b3c7c4b723093cec58d12043b6b18b86bf57a6bdaab53b53c8065dedc0a123

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\ProductConfig.xml
Filesize
3KB

MD5
93f9df13049d202820079415d54bd420

SHA1
c80520ee199c08cc07e392739ce40e6b96838c9a

SHA256
c619d87fe357f04927a93a8502626db9c79649521f76f0fed5f8c73cf2ddb19a

SHA512
77dd63eb72d531697064e39e31d30bd09d244bd4dcdc8ab6be6083fcc618836f533d9a4096fe4a05351e207de69b93ad36309a9203bd7b34e832b7883d088b3f

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\RtmpAgent.dll
Filesize
460KB

MD5
a47c748f8bca2bb860fa2ee8e9f5f728

SHA1
fc2c0fd6837a7282c7ee549d6347faeb0ceffac8

SHA256
4534ce32fb0b859b00302eb22125152d45e7cf7eec7d80364cf0fb3a75c10651

SHA512
0eacc32d6161bfceed16d39ee53e6450f8ee3ff6e92e6df75f85bfc2284813225a3d0446bd13deb27ff4498252c76acd33b015af804f5d49513702869f6db101

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\SDL2.dll
Filesize
758KB

MD5
95e254afb7cb6ff74a02e6a97cdac34a

SHA1
ed113edc8549dc773ed4d0f877290bca1218308e

SHA256
4ce00fd54159bc44f832ec885158d1140653dfc27632299319c6c1758e4edd16

SHA512
71e240141d1e6691a98b9c5ef584b57482e8adfd058b6d6492fd84b07ffade8a098bc2fdffe719534c4ff537e0e650273bdf78d244c8239a4b31a60172486f12

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\avcodec-57.dll
Filesize
8.0MB

MD5
99494504c463417391014f8de60e40e2

SHA1
4401bfc60d2704874fde3530e5c77966fb7dd494

SHA256
66b08fbcffe266907e9b8a3cdff2461bad5ddd8c4a06eddbefa995fb1180a146

SHA512
0c88cbb72e7fe0c5b0589cfce94a51d677e954280cc936261a9d42d7947e31d0a169129c6d397b41f65faf8aa975bf01ae82724200ff01797058e22aba86fd86

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\avformat-57.dll
Filesize
1.7MB

MD5
06930c559d2d56d2456e9f2bd7befe0c

SHA1
6506196af4a3dfdc7264363d73c911f7a4330ab0

SHA256
97b18919e91b29bd7255f00476b6b152138baabf82f0bffb8d7fd286fedae16a

SHA512
d307350248d8b324575d359d69684892decf53b4da3fcb34848844cbe3dbd78786ede710b86c8665e24821249998bd8c15c566f5fa60ed507a773e7c2cbf578c

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\avutil-55.dll
Filesize
600KB

MD5
6276efb8267bc8177e9f7fafe4b3c1f2

SHA1
830ef650b71882efbab8a944c4d3c40f86d74b89

SHA256
0b27df60f53a5b87147a9bf033d03197f90aab10c9a8dabfa001a70c76ea5ee3

SHA512
b7e81b1676dbe40cba9dbd7dd61be19aa313cb3b2c0bbfb73e1f49245954dcb59f7da38a8b8826dc4fd1e6fb45ab6cfc3a4ea477e827018f8c05b6524d165bb2

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe
Filesize
5.3MB

MD5
c02de1d516626a3c763b20e72b16876c

SHA1
5ca47924de6e196431aeaee1191835026f167a06

SHA256
504df25da1b85b6c93650327524dc577dfa0c2af2f27a24b2abc5ce308fc3f20

SHA512
1d67975e6b5416b6f9959f103d9fd6b7e849b7cb6a2de0f984c48170f6ea19fc72049283d9e02e2a840649c2b07438cf1cd9080e82b507beaab541a31a024be9

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe
Filesize
5.3MB

MD5
c02de1d516626a3c763b20e72b16876c

SHA1
5ca47924de6e196431aeaee1191835026f167a06

SHA256
504df25da1b85b6c93650327524dc577dfa0c2af2f27a24b2abc5ce308fc3f20

SHA512
1d67975e6b5416b6f9959f103d9fd6b7e849b7cb6a2de0f984c48170f6ea19fc72049283d9e02e2a840649c2b07438cf1cd9080e82b507beaab541a31a024be9

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe
Filesize
5.3MB

MD5
c02de1d516626a3c763b20e72b16876c

SHA1
5ca47924de6e196431aeaee1191835026f167a06

SHA256
504df25da1b85b6c93650327524dc577dfa0c2af2f27a24b2abc5ce308fc3f20

SHA512
1d67975e6b5416b6f9959f103d9fd6b7e849b7cb6a2de0f984c48170f6ea19fc72049283d9e02e2a840649c2b07438cf1cd9080e82b507beaab541a31a024be9

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\chrome_elf.dll
Filesize
918KB

MD5
6801cd7f6dcd4e282ee3a69d0c697117

SHA1
24f814b4d97ed48f78186c6f036768c459e01568

SHA256
0915d0d18cd0f6146c412072ce6962c9d323cf8f7886c80d4f2164ef3fe88904

SHA512
05b01e264a7452fe25a20858a43d98052fcf80574a3abeb05877aa0caa1161e17d749abb171fae1375759c9287aab62b9bfd834cbf525762597ea86b8b82a36c

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\crash_reporter.cfg
Filesize
197B

MD5
6ec53d4db640a4bcce0c0ebe82c37295

SHA1
75ae1e9b09e3b6be757bb2b44260f5d3d1fbf263

SHA256
027868645cffada55a35114622cb1e03759f7f5f3863034849aeb5c8a9f9fc12

SHA512
ba4f3a04c3fb646dc229933db02319e841801158b65084e823a1759677e0334be96993c97ee94013635f0538803496ac30d6ca4d24c2ff6caf911638e457f00b

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\fdk-aac-1.dll
Filesize
782KB

MD5
e32f60e0ed625d229226dde03c9e9a85

SHA1
f7795536e1bd7f5014ce5c68caa9e66b4943f4bc

SHA256
dd0c9ce8465b1d6291acb5589da581fbe297e8456b2f51cefbce6d5911d33da5

SHA512
4a40aec0db0a2154389c10ea8b1398c8001509cd1cf7c4add8df2f4f027265225f8d1ee3ac287c8ddd6f10bcadd9e74ce1cedd6f708230ca1d6062696978abd1

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\libcef.dll
Filesize
75.9MB

MD5
7b6ea183bbc71aa37360b40bcf64c97c

SHA1
ef0f315ef34f88e29f463a376428c359dfb1110e

SHA256
447190eb7e92e907b8086c47698a55ddc0490873e32db164d748fe1babbeacf5

SHA512
cf89c47ddb4febcc8724f4e6ee4c11eb5dcee8332e1b45cec4c40780c26bdb55726d3d32e2b6b7ab493eb62b6300030d47ef4c2f58d1c59b8156629200d517a1

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\libcnedll.dll
Filesize
1.0MB

MD5
b25009551ac428bc2a8d0c9cfd06dd96

SHA1
f6e48e56f75a35c9daf444bef39509f6c0774721

SHA256
dcf7e2ca135440a03dcddbcb6a8bcdf266dd9c989874a6b83a6b4d0b091a7887

SHA512
0b86504a2e3658e4a866b6ac7ff25d48b86e963761abf5c97de10ac424b24c792890104214a84ac107587be6347115673fb29dde8c0f380c6eed921f42d6a390

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\libiconv2.dll
Filesize
877KB

MD5
331f570aa7c20bc93deb7b237b21cc9c

SHA1
2d9ff158ffa0161aac3aa2197c361bc56369a308

SHA256
3ec2d1a924ef6f19f2db45e48b9cf4b74a904af5720100e3da02182eee3bcf02

SHA512
89960144cef6ff89c11cc3fd14c62c2633f418919c72d3c9082143bf602d51fd9c6c8870f6f194cb2ccaaf4e19f5e13825bf036d5cfd3721cbd7514e890a87b3

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\libintl3.dll
Filesize
101KB

MD5
d202baa425176287017ffe1fb5d1b77c

SHA1
192e597d8ff0192f6c4e4643361f84277ed51121

SHA256
f48ce1866602b114e653c876334b771107559acf1c685373d2305034613958f0

SHA512
706d74c56ce8d08539c729bdb6c8d57c9a4b0a1c795b8574a1bb2c452358e1bfd5d4fca5a00ab7568dea4ae02c553ce6ab199b3c6418a44cb8915f7e26bd2988

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\libx264-152.dll
Filesize
1.0MB

MD5
fc76075403e0d824c8217da9ea502b6f

SHA1
ee31c4dacd9d074d29ba9d33800766234662d473

SHA256
89e6bb3a8d097698ed02570b5d618a3c8659a641e3439c4842b9bd56f5b7ac04

SHA512
b9a3a9f42b3f586932960770f715ee5358e90b765d61bd45252cb81f242d9ceb81fafa5a4bd3bc516669bb27380f97971f5804bfd71301a8475303bcf702b19a

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\swresample-2.dll
Filesize
187KB

MD5
4f428cc379f9af9916b37ed26b4891c2

SHA1
050a957768a099d5052b185dec38fb9882be853c

SHA256
fae58b5b7d42594c90cb45f06784da3130eecbec63455ac402fdcb0edac006e6

SHA512
101b38fd3f36b7007eb0c1e8bef2c287db7dff212af205865921f461384d221313c69faab794bc1d1d9b5b00493e95aa932b4ba983e3cad3f0d912c4a9588cad

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\swscale-4.dll
Filesize
509KB

MD5
dabd8f86988ce739554ada6345189120

SHA1
122537b764d12b3bcbb420b8804041b38a11de51

SHA256
0558058f849818f30841c58f95bd02ded00eb902fab39f39a92e38e243bf4529

SHA512
966c235de9413202574af4205b628349a753037a248d87b3b886a5d52db71069ee70531ae1835a0fb455ad0609047e7f0dd39cfd9bd2a3a8f5ca281da04a3d8c

Download Submit
C:\Program Files (x86)\bjcloud\cloudclassroom_pro\xy_sdk.dll
Filesize
308KB

MD5
0e1bde3eaca95b237b2b0f9c5b904f3b

SHA1
3b57a7d827680c6e12ec19d9692947b60b8d5cf1

SHA256
e283790dd1ed0e6b5d660289fc62825bafdaf21db933be73adce1cb5c3356e06

SHA512
b2ceb912b0bdd7768cdd56b08b28e893854a2a7af5ea825223c63fdfe0effcb19c4c3792bba31a962004c9af9a76b9ba9407880ce054296a2e9780946f990592

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Classroom\Online Classroom.lnk
Filesize
1KB

MD5
a308da155bf2604d4abc092cf527ca92

SHA1
2cd75b53581490da8bc0a0aee99dfc636de21e60

SHA256
3e5dc9fb44395337d2c4bf29eed4bf48f060060921ecfdd089792ffddc16d889

SHA512
100578c595e5f26d66384d63a7e530eabf03b353a1ee5d008fdf004a5f37e2c4bd14e01ac5ad06b3dd31534a3b09581d865952342967fef5603811e7ca1e3b2b

Download Submit
C:\Users\Public\Desktop\Online Classroom.lnk
Filesize
1KB

MD5
836552b816acf7855b01cc3883b09bcd

SHA1
e7a4e383f2a785e4f72b8c5779f7b2ed4920312b

SHA256
acd72b8f1fafd1c5d9f65de6ab1043048796ef5e14c5416e1fb461a74d0258c0

SHA512
6f16f14e67500e9a5b48fcd6276d0a40d1bf15cc2c49570d3036044c413579384b09fa74e8b763e68359079fe7e24f23b2a773d6d4c525fc2bd9dbecf663979e

Download Submit
\Program Files (x86)\bjcloud\BJSLClient.exe
Filesize
1.1MB

MD5
314626043175b6543a8504238737ce6a

SHA1
c7538ce50e83839be57962e2a38a21574ebc37df

SHA256
0b721fb8f19d60f47de5fcf648eb9148d8078413c1345eaa59af37f36cfcd1ec

SHA512
ed4b9827e74a043ca6a65e874693bc4addd1b71a77d711e1c4884390722abf9ba92d878a04a2921dac68178f01414979754960065c181f57f1db73ddd997024a

Download Submit
\Program Files (x86)\bjcloud\BJSLClient.exe
Filesize
1.1MB

MD5
314626043175b6543a8504238737ce6a

SHA1
c7538ce50e83839be57962e2a38a21574ebc37df

SHA256
0b721fb8f19d60f47de5fcf648eb9148d8078413c1345eaa59af37f36cfcd1ec

SHA512
ed4b9827e74a043ca6a65e874693bc4addd1b71a77d711e1c4884390722abf9ba92d878a04a2921dac68178f01414979754960065c181f57f1db73ddd997024a

Download Submit
\Program Files (x86)\bjcloud\BJSLClient.exe
Filesize
1.1MB

MD5
314626043175b6543a8504238737ce6a

SHA1
c7538ce50e83839be57962e2a38a21574ebc37df

SHA256
0b721fb8f19d60f47de5fcf648eb9148d8078413c1345eaa59af37f36cfcd1ec

SHA512
ed4b9827e74a043ca6a65e874693bc4addd1b71a77d711e1c4884390722abf9ba92d878a04a2921dac68178f01414979754960065c181f57f1db73ddd997024a

Download Submit
\Program Files (x86)\bjcloud\BJSLClient.exe
Filesize
1.1MB

MD5
314626043175b6543a8504238737ce6a

SHA1
c7538ce50e83839be57962e2a38a21574ebc37df

SHA256
0b721fb8f19d60f47de5fcf648eb9148d8078413c1345eaa59af37f36cfcd1ec

SHA512
ed4b9827e74a043ca6a65e874693bc4addd1b71a77d711e1c4884390722abf9ba92d878a04a2921dac68178f01414979754960065c181f57f1db73ddd997024a

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\AVCapture.dll
Filesize
2.1MB

MD5
ac5088b49212a362c857f1c1924f4738

SHA1
33ca803967d374261f29f738761ade74c8204c01

SHA256
c1177b3811cb437613351f1cdde6b7dbb9d809a1b02fc5a3b154ca46733d7c2e

SHA512
bf49524d3c550925f6ff38a2f2ccd4b8b72a0459954ea9a09effc8fb6a0e4cad32801342b8d900fd2e994bde7f755006cbbadb3792a99e2d96e7770c2d6dc103

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\AVDeviceListener.dll
Filesize
158KB

MD5
0af0faaf3932a72f5b8270c84f44343c

SHA1
864416ac8fdde14468e449d864aeb93121b8b1a9

SHA256
cdd3411ac3b84fa55c3cb295d4b3b93e21a4b08676917b9d4021a0e069a78723

SHA512
99c275deef41c01e3fd1873b9886bf98f5a9d50decb58cf3d87b6cbd252056965a2ee5893e31acdedada849fcfc1f85af77ea5570049548d780ea57a25e5a0f3

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\AVSDK.dll
Filesize
3.9MB

MD5
51873b24c75b8666aa77cd9abc2fc14b

SHA1
699eb5a856fa574436749e35e828a96a6fd3414e

SHA256
4c460e5e9a7562352b2f329ef84582cb97aeb73a152b65009fe693334d35c4ac

SHA512
eab296399098ed422737ef17d7314790a55ee331724966d1fbbb4f0b470ef6f668813b89b8f738ac01d00acaefc18e3ffd910973744865ff67c860462381b299

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\BaseLib.dll
Filesize
246KB

MD5
7de5001ea55c17bb529e727fcca9c3dc

SHA1
b2e81ffb8d3e95a767477f81814202d6f39d7841

SHA256
75332b2094adc17f6f1f8003b5489ad65f0092d4eb40af8b919a463fe5c85e1f

SHA512
5b4830d44460acbcbfee076a7b29a1039514cbded0c843be1ec146dd6a1351305abc04b8b2342bd28d3b8fd1b749ee01077f6f9a5853636c1850a87c33c0d02f

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\DesktopCapture.dll
Filesize
370KB

MD5
360ce0ffbc91aeab2349076600455dd2

SHA1
18248c7ca91447315158171701c8a3edf19e5a8e

SHA256
c8db3cd47c46a4891f462214210c3c6f6d1c38e3342908ed69f9101d77463c10

SHA512
4216347b7c8301908057fe36f0b47262ff51ed046798938457e056f60982530c8b205a2c089632508f366727cf75779ca4ff7f256eaf32b10449efb69c1f02ab

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\DuiLib-1.dll
Filesize
573KB

MD5
2fe319f6f4661dcea975da0259ed2008

SHA1
b7620e32e1c11c459dc218cf9c65b4a91696c321

SHA256
48123b0cb56f8963cb7d57e5aa68437039f2197a14483200dd260e0b8060b490

SHA512
286e3f3e26b8ec515dd6d33962a44a50e785abd1002476aa16df74464266ae2ac4bf679316284dde6a2ec4cd37570cded28e7f4cc7210db5ae0140a3c78177da

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\MediaPlayer.dll
Filesize
367KB

MD5
dc3b8617dc73410a4a311aa04f3d616d

SHA1
327c8467cab6962df3a2344086129811dee0cce3

SHA256
43c71b9b1fbaea75b321cf1a3674ec20e2f59f3956d2179e6aa5daedb5e9f31d

SHA512
a8b1f5d2fa6fe367cefe29cdfda807b42eb35b38ca87490c60127d613bda46d906b3c7c4b723093cec58d12043b6b18b86bf57a6bdaab53b53c8065dedc0a123

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\RtmpAgent.dll
Filesize
460KB

MD5
a47c748f8bca2bb860fa2ee8e9f5f728

SHA1
fc2c0fd6837a7282c7ee549d6347faeb0ceffac8

SHA256
4534ce32fb0b859b00302eb22125152d45e7cf7eec7d80364cf0fb3a75c10651

SHA512
0eacc32d6161bfceed16d39ee53e6450f8ee3ff6e92e6df75f85bfc2284813225a3d0446bd13deb27ff4498252c76acd33b015af804f5d49513702869f6db101

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\SDL2.dll
Filesize
758KB

MD5
95e254afb7cb6ff74a02e6a97cdac34a

SHA1
ed113edc8549dc773ed4d0f877290bca1218308e

SHA256
4ce00fd54159bc44f832ec885158d1140653dfc27632299319c6c1758e4edd16

SHA512
71e240141d1e6691a98b9c5ef584b57482e8adfd058b6d6492fd84b07ffade8a098bc2fdffe719534c4ff537e0e650273bdf78d244c8239a4b31a60172486f12

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\avcodec-57.dll
Filesize
8.0MB

MD5
99494504c463417391014f8de60e40e2

SHA1
4401bfc60d2704874fde3530e5c77966fb7dd494

SHA256
66b08fbcffe266907e9b8a3cdff2461bad5ddd8c4a06eddbefa995fb1180a146

SHA512
0c88cbb72e7fe0c5b0589cfce94a51d677e954280cc936261a9d42d7947e31d0a169129c6d397b41f65faf8aa975bf01ae82724200ff01797058e22aba86fd86

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\avformat-57.dll
Filesize
1.7MB

MD5
06930c559d2d56d2456e9f2bd7befe0c

SHA1
6506196af4a3dfdc7264363d73c911f7a4330ab0

SHA256
97b18919e91b29bd7255f00476b6b152138baabf82f0bffb8d7fd286fedae16a

SHA512
d307350248d8b324575d359d69684892decf53b4da3fcb34848844cbe3dbd78786ede710b86c8665e24821249998bd8c15c566f5fa60ed507a773e7c2cbf578c

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\avutil-55.dll
Filesize
600KB

MD5
6276efb8267bc8177e9f7fafe4b3c1f2

SHA1
830ef650b71882efbab8a944c4d3c40f86d74b89

SHA256
0b27df60f53a5b87147a9bf033d03197f90aab10c9a8dabfa001a70c76ea5ee3

SHA512
b7e81b1676dbe40cba9dbd7dd61be19aa313cb3b2c0bbfb73e1f49245954dcb59f7da38a8b8826dc4fd1e6fb45ab6cfc3a4ea477e827018f8c05b6524d165bb2

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\bjyclient.exe
Filesize
5.3MB

MD5
c02de1d516626a3c763b20e72b16876c

SHA1
5ca47924de6e196431aeaee1191835026f167a06

SHA256
504df25da1b85b6c93650327524dc577dfa0c2af2f27a24b2abc5ce308fc3f20

SHA512
1d67975e6b5416b6f9959f103d9fd6b7e849b7cb6a2de0f984c48170f6ea19fc72049283d9e02e2a840649c2b07438cf1cd9080e82b507beaab541a31a024be9

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\chrome_elf.dll
Filesize
918KB

MD5
6801cd7f6dcd4e282ee3a69d0c697117

SHA1
24f814b4d97ed48f78186c6f036768c459e01568

SHA256
0915d0d18cd0f6146c412072ce6962c9d323cf8f7886c80d4f2164ef3fe88904

SHA512
05b01e264a7452fe25a20858a43d98052fcf80574a3abeb05877aa0caa1161e17d749abb171fae1375759c9287aab62b9bfd834cbf525762597ea86b8b82a36c

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\fdk-aac-1.dll
Filesize
782KB

MD5
e32f60e0ed625d229226dde03c9e9a85

SHA1
f7795536e1bd7f5014ce5c68caa9e66b4943f4bc

SHA256
dd0c9ce8465b1d6291acb5589da581fbe297e8456b2f51cefbce6d5911d33da5

SHA512
4a40aec0db0a2154389c10ea8b1398c8001509cd1cf7c4add8df2f4f027265225f8d1ee3ac287c8ddd6f10bcadd9e74ce1cedd6f708230ca1d6062696978abd1

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\libcef.dll
Filesize
34.3MB

MD5
9ec0327d69d053b93b3f8a69546974c7

SHA1
896ffc23acc40d9eb3b24772e2113ab7ef50e555

SHA256
d71acec78d143bb8e0a27566d6268f159df261a9433e3e02cffa4dca9b50f108

SHA512
2c7dd15af3b03751e0e06990f1fc922448bd0d2191fdee169c97417d3a3f0423229950d71109d3c56184e78b7b7030d83a018e9f426324f4eed1f276a7dc9f49

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\libcef.dll
Filesize
83.8MB

MD5
70a5ad715e29aea87b5289f7431fe9f7

SHA1
ecb6a299e5ace9af7a05be1f6db31ac2c0f862ff

SHA256
e0fac22e34714f17ace2695bdd7c1ea5ffc0899e117b7bafee90140e2ec08882

SHA512
c99d7c3d4b453f437007a9ce06ba96d4c09d586f9771b15f08a6fdfa65e72f421e42f6a16a12aed9b4613aa3e31001ab80d6c52c43f0e93ab2284a9ba8271dea

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\libcnedll.dll
Filesize
1.0MB

MD5
b25009551ac428bc2a8d0c9cfd06dd96

SHA1
f6e48e56f75a35c9daf444bef39509f6c0774721

SHA256
dcf7e2ca135440a03dcddbcb6a8bcdf266dd9c989874a6b83a6b4d0b091a7887

SHA512
0b86504a2e3658e4a866b6ac7ff25d48b86e963761abf5c97de10ac424b24c792890104214a84ac107587be6347115673fb29dde8c0f380c6eed921f42d6a390

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\libiconv2.dll
Filesize
877KB

MD5
331f570aa7c20bc93deb7b237b21cc9c

SHA1
2d9ff158ffa0161aac3aa2197c361bc56369a308

SHA256
3ec2d1a924ef6f19f2db45e48b9cf4b74a904af5720100e3da02182eee3bcf02

SHA512
89960144cef6ff89c11cc3fd14c62c2633f418919c72d3c9082143bf602d51fd9c6c8870f6f194cb2ccaaf4e19f5e13825bf036d5cfd3721cbd7514e890a87b3

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\libintl3.dll
Filesize
101KB

MD5
d202baa425176287017ffe1fb5d1b77c

SHA1
192e597d8ff0192f6c4e4643361f84277ed51121

SHA256
f48ce1866602b114e653c876334b771107559acf1c685373d2305034613958f0

SHA512
706d74c56ce8d08539c729bdb6c8d57c9a4b0a1c795b8574a1bb2c452358e1bfd5d4fca5a00ab7568dea4ae02c553ce6ab199b3c6418a44cb8915f7e26bd2988

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\libx264-152.dll
Filesize
1.0MB

MD5
fc76075403e0d824c8217da9ea502b6f

SHA1
ee31c4dacd9d074d29ba9d33800766234662d473

SHA256
89e6bb3a8d097698ed02570b5d618a3c8659a641e3439c4842b9bd56f5b7ac04

SHA512
b9a3a9f42b3f586932960770f715ee5358e90b765d61bd45252cb81f242d9ceb81fafa5a4bd3bc516669bb27380f97971f5804bfd71301a8475303bcf702b19a

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\swresample-2.dll
Filesize
187KB

MD5
4f428cc379f9af9916b37ed26b4891c2

SHA1
050a957768a099d5052b185dec38fb9882be853c

SHA256
fae58b5b7d42594c90cb45f06784da3130eecbec63455ac402fdcb0edac006e6

SHA512
101b38fd3f36b7007eb0c1e8bef2c287db7dff212af205865921f461384d221313c69faab794bc1d1d9b5b00493e95aa932b4ba983e3cad3f0d912c4a9588cad

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\swscale-4.dll
Filesize
509KB

MD5
dabd8f86988ce739554ada6345189120

SHA1
122537b764d12b3bcbb420b8804041b38a11de51

SHA256
0558058f849818f30841c58f95bd02ded00eb902fab39f39a92e38e243bf4529

SHA512
966c235de9413202574af4205b628349a753037a248d87b3b886a5d52db71069ee70531ae1835a0fb455ad0609047e7f0dd39cfd9bd2a3a8f5ca281da04a3d8c

Download Submit
\Program Files (x86)\bjcloud\cloudclassroom_pro\xy_sdk.dll
Filesize
308KB

MD5
0e1bde3eaca95b237b2b0f9c5b904f3b

SHA1
3b57a7d827680c6e12ec19d9692947b60b8d5cf1

SHA256
e283790dd1ed0e6b5d660289fc62825bafdaf21db933be73adce1cb5c3356e06

SHA512
b2ceb912b0bdd7768cdd56b08b28e893854a2a7af5ea825223c63fdfe0effcb19c4c3792bba31a962004c9af9a76b9ba9407880ce054296a2e9780946f990592

Download Submit
\Users\Admin\AppData\Local\Temp\nst2770.tmp\InstallOptions.dll
Filesize
14KB

MD5
d753362649aecd60ff434adf171a4e7f

SHA1
3b752ad064e06e21822c8958ae22e9a6bb8cf3d0

SHA256
8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586

SHA512
41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d

Download Submit
\Users\Admin\AppData\Local\Temp\nst2770.tmp\LangDLL.dll
Filesize
5KB

MD5
e447e49175c0db1f27888aede301084f

SHA1
f5946c743265cd8e81f3e7b6376dada57f99877f

SHA256
fd26ef21d72797fedecd3d15f2001cea793383aceb3cee19a5ae2a3d30e197b6

SHA512
e6543bf81bedce94a58f48cd6f9daaec891775e01ff76b771c22d459a778490f9bba0bebbf111b1ca3091b3ca69bca806a9b5e68ce12df03abbaa6ce5c4b7cec

Download Submit
\Users\Admin\AppData\Local\Temp\nst2770.tmp\System.dll
Filesize
10KB

MD5
56a321bd011112ec5d8a32b2f6fd3231

SHA1
df20e3a35a1636de64df5290ae5e4e7572447f78

SHA256
bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

SHA512
5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

Download Submit
\Users\Admin\AppData\Local\Temp\nst2770.tmp\processwork.dll
Filesize
231KB

MD5
0a4fa7a9ba969a805eb0603c7cfe3378

SHA1
0f018a8d5b42c6ce8bf34b4a6422861c327af88c

SHA256
27329ea7002d9ce81c8e28e97a5c761922097b33cedeada4db30d2b9d505007c

SHA512
e13e29712457d5e6351bfd69cba6320795d8b2fd1a047923814f8699f7188ec730ec7f0d946fdff66c8b430fef011415ed045b6ea56e4cc0b1d010171ab88178

Download Submit
memory/908-121-0x0000000000000000-mapping.dmp

Download
memory/1724-72-0x0000000000000000-mapping.dmp

Download
memory/2016-54-0x00000000757A1000-0x00000000757A3000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads