fc753c8a38b3b72b0eb7dc60509bce8fe085d192e501b88ca472ac5a998fcc0e

Sharing

Copy URL Twitter E-mail

General

Target

fc753c8a38b3b72b0eb7dc60509bce8fe085d192e501b88ca472ac5a998fcc0e
Size

576KB
MD5

5b0f9ead4a5e0894c5800151a000b85f
SHA1

60ee83a6a1d3816d88479b1b41f4f74e3cab1516
SHA256

fc753c8a38b3b72b0eb7dc60509bce8fe085d192e501b88ca472ac5a998fcc0e
SHA512

5718815468022e31769015e01b4d2a2e700574082a7deff816d33bd1f2d12aa9ef44f0fb46da5af5a68f69c4d3cbf6bbbc97097bc8cb3dc709f23af7f2ef979b
SSDEEP

12288:Pi9SNqRC2H5VG1G0FBLT2iw/NCGeaaXURHFluo3e5NFJ4yVMqLh6:PxNhVLk/NCFURHuo3YJ7VMq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc753c8a38b3b72b0eb7dc60509bce8fe085d192e501b88ca472ac5a998fcc0e

Files

fc753c8a38b3b72b0eb7dc60509bce8fe085d192e501b88ca472ac5a998fcc0e
.exe windows x86

01e5834c4e9dc1919dc459803d220109

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hcnetsdk

NET_DVR_PTZControl
NET_DVR_GetLastError
NET_DVR_SetExceptionCallBack_V30
NET_DVR_Init
NET_DVR_SetDVRConfig
NET_DVR_SetRealDataCallBack
NET_DVR_RealPlay_V40
NET_DVR_StopRealPlay
NET_DVR_Logout_V30
NET_DVR_Login_V30

playctrl

PlayM4_Stop
PlayM4_InputData
PlayM4_Play
PlayM4_OpenStream
PlayM4_SetStreamOpenMode
PlayM4_GetPort
PlayM4_FreePort
PlayM4_CloseStream

msvcr80d

_crt_debugger_hook
__FrameUnwindFilter
_amsg_exit
_cexit
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
_except_handler4_common

msvcm80d

?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
MapViewOfFile
OpenFileMappingW
UnmapViewOfFile
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
CloseHandle

mscoree

_CorExeMain

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01e5834c4e9dc1919dc459803d220109

Headers

DLL Characteristics

File Characteristics

Imports

hcnetsdk

playctrl

msvcr80d

msvcm80d

kernel32

mscoree

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 512KB - Virtual size: 511KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 512KB - Virtual size: 511KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB