Static task: static1
Behavioral task: behavioral1
Sample: 82f5ceb57f6d9660c792276a75248e7f3c4d33c66919ec05e6d7bcd416703a64.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 82f5ceb57f6d9660c792276a75248e7f3c4d33c66919ec05e6d7bcd416703a64.exe
Resource: win10v2004-20220812-en
General
- Target: 82f5ceb57f6d9660c792276a75248e7f3c4d33c66919ec05e6d7bcd416703a64
- Size: 800KB
- MD5: 2f6b9a3d8f2f49dcfc40cf92f365a2d2
- SHA1: 1ef2c6ad731d0ecea5983dead13c6c35ef126ac0
- SHA256: 82f5ceb57f6d9660c792276a75248e7f3c4d33c66919ec05e6d7bcd416703a64
- SHA512: d2d330f07578a1add7244271651498bf14bff2e1a57718efdc4faa29d6295a97f9a342026a0447c7169f1b394628d68f6ceb1c00487bea4ba5ab66f14bbabf83
- SSDEEP: 6144:QL8iCjMSPEHbBZ7j7C7mOCKw1Ov2ioJrpGpS8MeWH88ICIJZNhLjpV:Q1CjmL7j7CXU1Ov/Pk8Rg8Hl9
Malware Config
Signatures
Files
- 82f5ceb57f6d9660c792276a75248e7f3c4d33c66919ec05e6d7bcd416703a64.exe windows x86 f73ab41200c55b2d413b484065e2da77
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
hikplaym4
Hik_PlayM4_SetColor
Hik_PlayM4_ResetBuffer
Hik_PlayM4_SetTimerType
Hik_PlayM4_SetDisplayType
Hik_PlayM4_ThrowBFrameNum
Hik_PlayM4_SetPicQuality
Hik_PlayM4_SetDeflash
Hik_PlayM4_GetJPEG
Hik_PlayM4_GetBMP
Hik_PlayM4_OneByOne
Hik_PlayM4_OneByOneBack
Hik_PlayM4_Slow
Hik_PlayM4_Fast
Hik_PlayM4_SetCurrentFrameNum
Hik_PlayM4_SetPlayPos
Hik_PlayM4_StopSound
Hik_PlayM4_Pause
Hik_PlayM4_Play
Hik_PlayM4_SetDecCallBackMend
Hik_PlayM4_ResetSourceBuffer
Hik_PlayM4_PlaySound
Hik_PlayM4_GetCapsEx
Hik_PlayM4_GetPlayedTime
Hik_PlayM4_GetCurrentFrameNum
Hik_PlayM4_CloseStream
Hik_PlayM4_SetSourceBufCallBack
Hik_PlayM4_SetStreamOpenMode
Hik_PlayM4_OpenStream
Hik_PlayM4_SetFileRefCallBack
Hik_PlayM4_OpenFile
Hik_PlayM4_GetLastError
Hik_PlayM4_SetOverlayMode
Hik_PlayM4_GetPictureSize
Hik_PlayM4_InputData
Hik_PlayM4_ResetSourceBufFlag
Hik_PlayM4_Stop
Hik_PlayM4_CloseFile
Hik_PlayM4_RealeseDDraw
Hik_PlayM4_ReleaseDDrawDevice
Hik_PlayM4_SetPlayedTimeEx
Hik_PlayM4_RefreshPlay
Hik_PlayM4_SetVolume
Hik_PlayM4_SetDisplayCallBack
Hik_PlayM4_SetAudioCallBack
Hik_PlayM4_InitDDrawDevice
Hik_PlayM4_SetDDrawDevice
Hik_PlayM4_SetFileEndMsg
Hik_PlayM4_SetEncChangeMsg
Hik_PlayM4_GetSdkVersion
Hik_PlayM4_GetDDrawDeviceInfo
Hik_PlayM4_GetOverlayMode
Hik_PlayM4_GetColorKey
Hik_PlayM4_GetDisplayBuf
Hik_PlayM4_GetVolume
Hik_PlayM4_GetPictureQuality
Hik_PlayM4_GetTimerType
Hik_PlayM4_GetBufferValue
Hik_PlayM4_GetDDrawDeviceTotalNums
Hik_PlayM4_SetDDrawDeviceEx
Hik_PlayM4_SetDisplayRegion
Hik_PlayM4_RefreshPlayEx
Hik_PlayM4_GetFileTime
Hik_PlayM4_GetFileTotalFrames
Hik_PlayM4_GetFileHeadLength
Hik_PlayM4_GetKeyFramePos
Hik_PlayM4_GetNextKeyFramePos
kernel32
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExA
GetProfileStringA
GetVersion
lstrlenA
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
MulDiv
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
SetFilePointer
CloseHandle
WriteFile
ReadFile
CreateFileA
Sleep
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventA
CreateThread
GetFileSize
TerminateThread
GetExitCodeThread
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
SetLastError
GetProcAddress
GetModuleHandleA
GlobalUnlock
GlobalLock
LocalFree
FormatMessageA
lstrcpynA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
lstrcmpA
GlobalFree
GetCurrentThread
GlobalAlloc
GetModuleFileNameA
GetLastError
DuplicateHandle
GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetThreadLocale
GlobalFlags
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetOEMCP
SizeofResource
WritePrivateProfileStringA
GetFileAttributesA
GetFileTime
GetStdHandle
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
HeapFree
HeapAlloc
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
user32
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
SetParent
RegisterClipboardFormatA
PostThreadMessageA
DeferWindowPos
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetWindowPlacement
IntersectRect
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
EnableMenuItem
PeekMessageA
GetKeyState
IsIconic
GetSystemMenu
GetMenu
CheckMenuItem
LoadIconA
CopyIcon
GetCursorPos
ScreenToClient
LoadCursorA
KillTimer
ReleaseCapture
SetCapture
PtInRect
SetTimer
IsWindow
RedrawWindow
DrawIcon
FrameRect
LoadImageA
GetIconInfo
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
GetMenuItemInfoA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SetRect
DestroyCursor
EnableWindow
GrayStringA
GetSubMenu
TabbedTextOutA
RemoveMenu
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
LockWindowUpdate
GetDCEx
GetMenuState
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
CharUpperA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
wvsprintfA
EndDialog
CreateDialogIndirectParamA
LoadStringA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetRectEmpty
GetMessageA
TranslateMessage
ValidateRect
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
CreateIconIndirect
GetClassNameA
AdjustWindowRectEx
UpdateWindow
EqualRect
SetWindowsHookExA
gdi32
StretchBlt
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
CreateBitmap
DeleteObject
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
GetTextExtentPointA
SetBkColor
SetTextColor
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
PatBlt
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SetWindowExtEx
SelectObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
CreateDIBitmap
ScaleWindowExtEx
LPtoDP
GetBkColor
GetTextColor
GetTextMetricsA
CreateFontA
GetCharWidthA
StretchDIBits
DPtoLP
CombineRgn
SetRectRgn
GetMapMode
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetDeviceCaps
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
comctl32
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Destroy
ImageList_Create
ord17
ImageList_GetImageCount
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
olepro32
ord253
oleaut32
VariantClear
SysFreeString
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
winmm
PlaySoundA
shlwapi
PathFileExistsA
Sections
- .text Size: 260KB - Virtual size: 258KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rdata Size: 56KB - Virtual size: 54KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 24KB - Virtual size: 38KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 440KB - Virtual size: 504KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE