Static task
static1
Behavioral task
behavioral1
Sample
93e1243252c6c9f631fd0416ba18261bafeab18feeab665d408aabca43a28347.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
93e1243252c6c9f631fd0416ba18261bafeab18feeab665d408aabca43a28347.exe
Resource
win10v2004-20230220-en
General
- Target: 93e1243252c6c9f631fd0416ba18261bafeab18feeab665d408aabca43a28347
- Size: 2.2MB
- MD5: de4ed5868ba4aeec28e1b3faf469c68f
- SHA1: da17f0755067e928f6fbb8cd3d144bc8fcd808f9
- SHA256: 93e1243252c6c9f631fd0416ba18261bafeab18feeab665d408aabca43a28347
- SHA512: 24fa9336b276d08a32b94f911087af1cb3f4f6fcbf11f595925862d8ceb1648fa3bb46214687c804d97a696489c1ff5af7d7e2fc10dceac0bcc97b2b44823bd9
- SSDEEP: 24576:UaKHUKItFbUKJJKagbiHJxpSF3rCu/IgamhTkmw14F:3tKKJJKaguHJ+//amhTs14F
Malware Config
Signatures
Files
-
93e1243252c6c9f631fd0416ba18261bafeab18feeab665d408aabca43a28347.exe windows x86
044c6d3e27794041b45a8e513e9b4a94
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
DeleteIpNetEntry
GetNetworkParams
GetIpNetTable
GetAdaptersInfo
kernel32
GetFileTime
GetCurrentDirectoryW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
UnhandledExceptionFilter
IsDebuggerPresent
MoveFileA
CreateDirectoryA
HeapReAlloc
GetFileInformationByHandle
PeekNamedPipe
GetFileType
FindFirstFileA
FindNextFileA
GetDriveTypeA
ExitThread
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InterlockedIncrement
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
DebugBreak
FatalAppExitA
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetConsoleCP
GetConsoleMode
SetStdHandle
SetConsoleCtrlHandler
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetFileAttributesW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetThreadLocale
GetStringTypeExW
MoveFileW
SuspendThread
ResumeThread
SetThreadPriority
InterlockedDecrement
lstrcmpA
GlobalSize
FormatMessageW
LocalFree
MulDiv
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
lstrcmpW
GetVersionExA
WritePrivateProfileStringW
RemoveDirectoryW
CopyFileW
CreateDirectoryW
SetPriorityClass
CreateThread
TerminateThread
ResetEvent
GetPrivateProfileIntW
CreateEventW
WaitForSingleObject
Sleep
SetEvent
GlobalFree
SetUnhandledExceptionFilter
GetModuleFileNameA
TerminateProcess
LoadLibraryA
WriteProcessMemory
CreateFileA
GetCurrentThreadId
GetCurrentProcess
GetModuleFileNameW
GetCurrentProcessId
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
SetErrorMode
SystemTimeToFileTime
GetTickCount
GetPrivateProfileStringW
DeleteFileW
OutputDebugStringW
CreateFileW
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
CloseHandle
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetLastError
SetLastError
lstrcmpiW
FreeResource
GetCPInfo
GetVersion
GetVersionExW
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrlenA
GetAtomNameW
GetLocaleInfoW
GlobalGetAtomNameW
InterlockedCompareExchange
GetCommandLineA
user32
LoadMenuW
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
SetMenu
TranslateAcceleratorW
GetDialogBaseUnits
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CharUpperW
GetWindowThreadProcessId
GetMessageW
TranslateMessage
ValidateRect
MapVirtualKeyW
GetKeyNameTextW
DestroyMenu
GetMenuStringW
EndPaint
BeginPaint
GetWindowDC
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
UnregisterClassA
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
ReuseDDElParam
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
EndDialog
LoadIconW
SetCapture
IsIconic
GetSystemMenu
DrawIcon
LoadCursorFromFileW
ReleaseCapture
GetWindowTextW
MessageBoxW
IsWindowVisible
UnpackDDElParam
GetDCEx
LockWindowUpdate
UnregisterClassW
WaitMessage
CharNextW
PostThreadMessageW
RegisterClipboardFormatW
UnionRect
UpdateWindow
SetWindowLongW
KillTimer
SetParent
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetLastActivePopup
CopyAcceleratorTableW
SetTimer
ScreenToClient
IsZoomed
SetRectEmpty
PtInRect
IsRectEmpty
GetCursorPos
GetWindow
LoadCursorW
GetWindowLongW
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
DrawFocusRect
DrawStateW
FrameRect
OffsetRect
InflateRect
LoadImageW
GetIconInfo
CreateIconIndirect
PostMessageW
SetCursor
IsMenu
DestroyCursor
GetDesktopWindow
ReleaseDC
GetDC
RemoveMenu
ModifyMenuW
InsertMenuW
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuW
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DrawEdge
LoadBitmapW
CopyRect
SetRect
GetSysColorBrush
FillRect
GetSystemMetrics
DrawIconEx
DestroyIcon
SystemParametersInfoW
GetSysColor
GetMenuItemInfoW
SendMessageW
EnableWindow
GetWindowRect
ShowScrollBar
RegisterWindowMessageW
gdi32
PlayMetaFile
ScaleViewportExtEx
ExtCreatePen
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
EnumMetaFile
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
GetTextMetricsW
GetTextColor
GetRgnBox
SetViewportExtEx
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
DPtoLP
GetTextExtentPoint32W
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetDCOrgEx
StretchBlt
GetCurrentObject
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Escape
ExtTextOutW
TextOutW
SetPixel
GetPixel
PatBlt
Rectangle
Ellipse
RectVisible
PtVisible
GetBkMode
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
CreateFontIndirectW
CreateHatchBrush
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SetWindowOrgEx
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueW
RegQueryValueExW
RegCreateKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
RegOpenKeyExW
shell32
DragQueryFileW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
ShellExecuteW
DragFinish
SHGetFileInfoW
comctl32
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathRemoveExtensionW
oledlg
OleUIBusyW
ole32
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoDisconnectObject
CreateStreamOnHGlobal
oleaut32
SafeArrayPutElement
LoadTypeLi
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
OleLoadPicture
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayLock
netsdk
ord36
ord18
ord5
ord13
ord40
ord34
ord20
ord2
ord1
ord4
ord11
ord7
_H264_DVR_SetDevConfig_JsonV2@28
_H264_DVR_GetDevConfig_JsonV2@32
ord16
ord15
ord3
ord6
ord52
ord12
ord39
h264play
ord33
ord3
ord82
ord4
ord19
ord18
ord17
ws2_32
socket
connect
ioctlsocket
select
__WSAFDIsSet
recv
WSAGetLastError
getprotobyname
inet_addr
htons
WSASocketW
setsockopt
closesocket
sendto
recvfrom
WSAStartup
gethostbyname
inet_ntoa
WSACleanup
dbghelp
MiniDumpWriteDump
libxl
xlCreateBookW
Sections
.textbss Size: - Virtual size: 811KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 244KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 38.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 4KB - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 192KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ