Static task: static1
Behavioral task: behavioral1
Sample: a7d4642974cd0d654c5a5c1c3a212d1d818859cab37515c2d583c5024b153134.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: a7d4642974cd0d654c5a5c1c3a212d1d818859cab37515c2d583c5024b153134.exe
Resource: win10v2004-20230220-en
General
Target: a7d4642974cd0d654c5a5c1c3a212d1d818859cab37515c2d583c5024b153134
Size: 924KB
MD5: 0e87d1673bab8ac0cd26fab5f04d7e90
SHA1: 6dca9824a3427f01418d636dbcf64e121f2af2ef
SHA256: a7d4642974cd0d654c5a5c1c3a212d1d818859cab37515c2d583c5024b153134
SHA512: 41ecc62dcfacf3569e761aa411285d9130471c9973542ddbe4f146fb524db9bbac0ce8290c9117dfc0fe8c8f6ebf93eae6f7d13ceb9882387e5d7aa47c9b486e
SSDEEP: 12288:Gl1ZKhSlnVtyjB80i0BvMVPQNET8vSu8wD5s2S83h+zaegl/06/Oa:GxtyjB80HB0twEo6G5sA3TBb/Oa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a7d4642974cd0d654c5a5c1c3a212d1d818859cab37515c2d583c5024b153134
Files
a7d4642974cd0d654c5a5c1c3a212d1d818859cab37515c2d583c5024b153134.exe windows x86
c21afb11faaebe2ab237b010f933942f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
netsdk
Net_AddCamera
Net_QueryTimeSetup
Net_TimeSetup
Net_FileUpdate
Net_DisConnCamera
Net_DelCamera
Net_BlackWhiteListSend
Net_Log
Net_ConnCamera
kernel32
GetVolumeInformationW
GetFullPathNameW
CreateFileW
SetErrorMode
GetTickCount
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
FindFirstFileA
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
GetStdHandle
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetFullPathNameA
GetCurrentDirectoryA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEnvironmentVariableA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetVersionExW
GetThreadLocale
InterlockedIncrement
GetCurrentProcessId
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
InterlockedDecrement
GetModuleHandleW
GetLastError
SetLastError
FormatMessageW
LocalFree
MulDiv
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryW
Sleep
DeleteCriticalSection
WaitForSingleObject
GetModuleFileNameW
InitializeCriticalSection
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileW
CloseHandle
TerminateThread
GetLocalTime
lstrlenA
MultiByteToWideChar
lstrlenW
LockResource
CreateProcessW
GlobalUnlock
GlobalFree
GlobalLock
FreeResource
GlobalAlloc
LoadResource
SizeofResource
FindResourceW
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
user32
RegisterClipboardFormatW
ReleaseCapture
SetCapture
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
CharNextW
GetWindowThreadProcessId
SetCursor
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetCursorPos
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
TabbedTextOutW
GetWindowTextLengthW
GetWindowTextW
GetWindow
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
CharUpperW
GetMenuItemCount
GetSubMenu
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
DispatchMessageW
GetSysColor
KillTimer
SetWindowRgn
SetTimer
IsRectEmpty
DrawIcon
IsIconic
SystemParametersInfoW
AppendMenuW
GetSystemMenu
LoadIconW
MessageBoxW
PostMessageW
GetMessageW
PostThreadMessageW
ReleaseDC
GetDC
GetClientRect
SetWindowLongW
GetWindowLongW
CallWindowProcW
GetParent
TrackMouseEvent
DrawTextW
CopyRect
GetClassNameW
GetSystemMetrics
EnableWindow
SendMessageW
FillRect
GetWindowRect
InvalidateRect
CreateWindowExW
UnregisterClassA
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
PtVisible
CreateBitmap
OffsetViewportOrgEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
GetWindowExtEx
GetViewportExtEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
DeleteObject
CreateFontW
CreateCompatibleBitmap
BitBlt
GetObjectW
SetDIBColorTable
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
GetClipBox
SetMapMode
SetStretchBltMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateRoundRectRgn
GetTextExtentPoint32W
CreateSolidBrush
SetTextColor
CreatePen
SetBkMode
GetStockObject
Rectangle
GetDIBColorTable
StretchBlt
RectVisible
msimg32
AlphaBlend
TransparentBlt
GradientFill
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
shell32
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathFileExistsW
StrCmpLogicalW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
CoRegisterMessageFilter
CreateStreamOnHGlobal
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocString
SysAllocStringLen
urlmon
URLDownloadToFileW
gdiplus
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipFree
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusStartup
GdipBitmapLockBits
GdiplusShutdown
ws2_32
inet_addr
gethostbyname
winmm
PlaySoundW
Sections
.text Size: 336KB - Virtual size: 335KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 488KB - Virtual size: 486KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ