Static task
static1
Behavioral task
behavioral1
Sample
00212ee6c64af91d19567c02bb2924746a2539fb3234807f06b16b5cb3fb954f.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
00212ee6c64af91d19567c02bb2924746a2539fb3234807f06b16b5cb3fb954f.exe
Resource
win10v2004-20230220-en
General
-
Target
00212ee6c64af91d19567c02bb2924746a2539fb3234807f06b16b5cb3fb954f
-
Size
1.1MB
-
MD5
b2fe3c5db50c6ecfdc8dc164c84165ea
-
SHA1
3099af7c3570867a2d4fdfa3141e38915c713407
-
SHA256
00212ee6c64af91d19567c02bb2924746a2539fb3234807f06b16b5cb3fb954f
-
SHA512
a7e5cd2c7eadffec332e613fa3a27361cab3656c6244308ffbb6bf3bcfc53466d9b4aa058f243806e9eb59ec1691a3d5f9a3f10f7ef4e8254262ea3770dab570
-
SSDEEP
12288:L6cnPC8In9tFF209pGHNu4B2UZ1R5cb0jwt:L6caz/32lI4rZdcmwt
Malware Config
Signatures
Files
-
00212ee6c64af91d19567c02bb2924746a2539fb3234807f06b16b5cb3fb954f.exe windows x86
18407a2afc49242100225bf7bfcf780b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
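mfc90 (imported by ordinal only: the MFC DLL exports its functions without names, so the ordN entries below are expected for an MFC application and are not by themselves a sign of import obfuscation)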
ord1254
ord1943
ord6740
ord405
ord664
ord2209
ord3390
ord4502
ord2360
ord6257
ord265
ord2691
ord2327
ord5835
ord941
ord311
ord2283
ord1720
ord4646
ord3643
ord777
ord2591
ord3612
ord2106
ord3534
ord6048
ord1358
ord2587
ord6078
ord4952
ord4029
ord589
ord793
ord4197
ord1098
ord6462
ord615
ord3659
ord4890
ord3110
ord6001
ord5646
ord5663
ord4981
ord4333
ord2447
ord5659
ord5657
ord4498
ord2087
ord4199
ord5813
ord6721
ord5533
ord1046
ord4165
ord6018
ord2206
ord2251
ord4733
ord6781
ord4159
ord6783
ord4409
ord4434
ord2103
ord1604
ord4496
ord2277
ord1670
ord4640
ord3487
ord1944
ord6615
ord4431
ord524
ord744
ord5167
ord2900
ord6255
ord4760
ord2902
ord3157
ord3506
ord3927
ord2286
ord1786
ord1723
ord4649
ord3269
ord3650
ord784
ord4022
ord4254
ord6557
ord6787
ord4157
ord6329
ord3159
ord3141
ord686
ord436
ord790
ord3654
ord3273
ord798
ord2069
ord1144
ord2896
ord4030
ord1258
ord3480
ord3277
ord4638
ord1668
ord2274
ord3757
ord4311
ord5615
ord4617
ord5152
ord5309
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1496
ord4650
ord5636
ord4668
ord4248
ord4993
ord6584
ord6335
ord4252
ord300
ord820
ord310
ord3987
ord1938
ord693
ord595
ord3554
ord4667
ord4895
ord4334
ord2886
ord4057
ord4067
ord4066
ord3244
ord2759
ord2888
ord2769
ord3135
ord2961
ord4714
ord3107
ord2978
ord2766
ord5633
ord1728
ord1791
ord1792
ord2139
ord5608
ord1446
ord3218
ord6356
ord5389
ord3671
ord6782
ord4160
ord6784
ord1644
ord2368
ord2375
ord2625
ord2607
ord2605
ord2623
ord2635
ord2612
ord2628
ord2633
ord2616
ord2618
ord2620
ord2614
ord2630
ord2610
ord969
ord965
ord967
ord963
ord958
ord5666
ord5668
ord6446
ord1729
ord4688
ord5139
ord3732
ord2692
ord5963
ord4507
ord4116
ord2899
ord6559
ord945
ord1611
ord305
ord3213
ord3178
ord6613
ord1183
ord1321
ord5923
ord2480
ord1603
ord2590
ord1108
ord1061
ord1252
ord1087
ord1137
ord5647
ord4589
ord6780
ord1691
ord2539
ord3144
ord5497
ord2074
ord4256
ord3726
ord5585
ord4644
ord6646
ord1361
ord2130
ord3568
ord1497
ord4331
ord1752
ord1755
ord6391
ord3346
ord2280
ord639
ord374
ord3783
ord611
ord2282
ord817
ord1276
ord266
ord601
ord316
ord910
ord3209
ord800
msvcr90
memset
memcpy
__CxxFrameHandler3
_setmbcp
_itoa
_close
_write
_CxxThrowException
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
exit
_snwprintf_s
__iob_func
fprintf
_set_purecall_handler
_set_invalid_parameter_handler
_localtime64
printf
memmove_s
strncpy
wctomb
strtol
_mbsnbcpy
_mbclen
sprintf
_mbsnbcmp
_mbschr
_mbsnbicmp
strftime
_mktime64
_localtime64_s
_time64
_itoa_s
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
sprintf_s
atoi
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
_open
kernel32
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
EnterCriticalSection
LoadLibraryA
GetCurrentDirectoryA
SetCurrentDirectoryA
Sleep
InitializeCriticalSection
WideCharToMultiByte
DeleteCriticalSection
GetLastError
SetLastError
OutputDebugStringA
LeaveCriticalSection
InterlockedExchange
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
GetTickCount
GetCurrentProcess
GetCurrentProcessId
CreateFileA
GetCurrentThreadId
ReleaseSemaphore
WaitForSingleObject
CloseHandle
TerminateThread
FreeLibrary
SetUnhandledExceptionFilter
CreateThread
CreateSemaphoreA
MultiByteToWideChar
user32
GetSystemMenu
InvalidateRect
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
EnableWindow
MessageBoxA
ReleaseDC
GetDC
GetWindowRect
GetSubMenu
ClientToScreen
LoadMenuA
SetTimer
LoadIconA
AppendMenuA
CreatePopupMenu
ScreenToClient
GetCursorPos
PostMessageA
SendMessageA
gdi32
CreatePen
Rectangle
shell32
SHCreateDirectoryExA
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecA
ole32
CoCreateGuid
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
msvcp90
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
libhttptvwall
?http_client_send@@YAHPBDPADAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
tmcp_interface_sdk
Plat_GetLastError
Plat_GetFilePercent
Plat_Init
Plat_LoginCMS
Plat_LogoutCMS
Plat_Free
Plat_SubscribeAlarm
Plat_SubscribeStat
Plat_CapPic
Plat_QueryRecordFile
Plat_GetPlayBackInfo
Plat_GetPlayBackUrl
Plat_UnSubscribeAlarm
Plat_StopVideo
Plat_ControlCamera
Plat_PlayControl
Plat_GetPlaybackPercent
Plat_StartRecordFile
Plat_StopRecordFile
Plat_PlayVideo
Plat_StartDownLoad
Plat_GetPresetInfo
Plat_FreePresetInfo
Plat_DelPresetInfo
Plat_QueryRealStreamURL_byCameraIndexCode
Plat_QueryRealStreamURL
Plat_GetDeviceReport
Plat_Preview_on_tvwall_byCameraId
Plat_Preview_off_tvwall
Plat_PlaybackAbsRandom
Plat_OpenSound
Plat_SetVolume
Plat_GetVolume
Plat_CloseSound
Plat_StartTalk
Plat_GetValueInt
Plat_GetResourceState
Plat_MoveNext
Plat_GetValueStr_CheckCascade
Plat_GetValueStr
Plat_QueryResource
Plat_StopDownLoad
Plat_AddPresetInfo
Plat_StopTalk
Sections
.text Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 908KB - Virtual size: 907KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
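iftl Size: 4KB - Virtual size: 4KB (note: last section, placed after .reloc, with a name unlike the standard linker sections above; the flags below mark it both writable and executable with no IMAGE_SCN_CNT_* content flag. This listing does not show the entry point, so check whether it falls inside this section)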
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE