Static task: static1
Behavioral task: behavioral1
Sample: 1ab698608bcff334a1af23545dfd57bb7d74a3ad6c6356b8aa028cae968cb5f3.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 1ab698608bcff334a1af23545dfd57bb7d74a3ad6c6356b8aa028cae968cb5f3.exe
Resource: win10v2004-20230915-en
General
Target: 1ab698608bcff334a1af23545dfd57bb7d74a3ad6c6356b8aa028cae968cb5f3
Size: 1.8MB
MD5: bd6a592a52de29b55a85daf2f7e0847a
SHA1: a8ffcb6683f0ab6261f25d74d14ab235e167c20c
SHA256: 1ab698608bcff334a1af23545dfd57bb7d74a3ad6c6356b8aa028cae968cb5f3
SHA512: 8a6be0919ca41f267102aefb32018c0b6410bc5528cd63dc2f65ef59acd6ad3d0fdd0eb3ddefc7876b1201246845d05e1fb85b66e35eb58009f59c77603d6ca6
SSDEEP: 49152:eXAaJK94GvJh1AQeM7bDzaKP7SQuDSsIZhcYj3cW/zzxMck7d5Ox:yJK94G71UM7bHaKTSQuDSsEj3cwzzxMv
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 1ab698608bcff334a1af23545dfd57bb7d74a3ad6c6356b8aa028cae968cb5f3
Files
1ab698608bcff334a1af23545dfd57bb7d74a3ad6c6356b8aa028cae968cb5f3.exe windows:5 windows x86
27e144e90461b06be2eddc20d337b8c5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libeasyplayer-rtsp
?EasyPlayer_SetManuRecordPath@@YAHHPBD@Z
?EasyPlayer_SetShownToScale@@YAHHH@Z
?EasyPlayer_PlaySound@@YAHH@Z
?EasyPlayer_SetFrameCache@@YAHHH@Z
?EasyPlayer_OpenStream@@YAHPBDPAUHWND__@@W4__RENDER_FORMAT@@H00P6GHHPAHHPADPAUtagEASY_FRAME_INFO@@@ZPAX_N44M@Z
?EasyPlayer_CloseStream@@YAXH@Z
?EasyPlayer_StartManuPicShot@@YAHH@Z
?EasyPlayer_StopManuRecording@@YAHH@Z
?EasyPlayer_SetManuPicShotPath@@YAHHPBD@Z
?EasyPlayer_ShowStatisticalInfo@@YAHHH@Z
?EasyPlayer_Release@@YAXXZ
?EasyPlayer_Init@@YAHPAD@Z
?EasyPlayer_PlaybackResume@@YAHH@Z
?EasyPlayer_PlaybackPause@@YAHH@Z
?EasyPlayer_SetPlaybackSpeed@@YAHHM@Z
?EasyPlayer_ShowOSD@@YAHHHUtagEASY_PALYER_OSD@@@Z
?EasyPlayer_StartManuRecording@@YAHH@Z
?EasyPlayer_GetMediaInfo@@YAHHAAUtagMEDIA_INFO@@@Z
kernel32
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
CreateFileA
GetDriveTypeW
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
FlushInstructionCache
TerminateProcess
QueryPerformanceCounter
HeapCreate
CreateFileW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameW
GetLocalTime
SetUnhandledExceptionFilter
InterlockedDecrement
OutputDebugStringW
GlobalAlloc
GlobalFree
FreeResource
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
lstrlenW
lstrcpynW
GetProcAddress
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
HeapFree
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetModuleHandleW
GetTickCount
lstrcpyW
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryW
ActivateActCtx
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DeleteFileW
lstrcmpiW
lstrlenA
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
ReleaseActCtx
CreateActCtxW
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
LocalAlloc
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
FreeLibrary
CompareStringW
lstrcmpW
CopyFileW
GlobalSize
FormatMessageW
GlobalLock
GlobalUnlock
ReadFile
GetFileSize
MulDiv
LocalFree
user32
InsertMenuItemW
TranslateAcceleratorW
FrameRect
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetNextDlgGroupItem
CopyImage
GetIconInfo
HideCaret
InvertRect
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
IsClipboardFormatAvailable
CopyAcceleratorTableW
DestroyIcon
UnregisterClassW
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
MonitorFromPoint
UpdateLayeredWindow
UnionRect
GetAsyncKeyState
NotifyWinEvent
MessageBeep
DeleteMenu
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
WindowFromPoint
IntersectRect
LoadMenuW
CharUpperW
SystemParametersInfoW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
MapVirtualKeyW
GetKeyNameTextW
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
GetTopWindow
GetMessageTime
PeekMessageW
ScrollWindow
GetKeyState
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
GetMenu
GetWindow
GetSysColor
EndPaint
BeginPaint
GetMenuState
GetMenuStringW
GetMenuItemID
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
LoadBitmapW
UpdateWindow
DrawStateW
ShowScrollBar
SetScrollRange
GetScrollRange
GetScrollPos
SetScrollPos
KillTimer
GetMessagePos
ClientToScreen
GetPropW
ShowWindow
EnableScrollBar
SetScrollInfo
RemovePropW
SetWindowPos
SetPropW
GetScrollInfo
CallNextHookEx
RemoveMenu
InsertMenuW
UnhookWindowsHookEx
SetWindowsHookExW
GetMenuItemCount
GetMenuItemInfoW
GetFocus
GetCapture
ReleaseCapture
SetCapture
LoadImageW
SetTimer
IsZoomed
PostQuitMessage
GetClassNameW
EndDeferWindowPos
LockWindowUpdate
DeferWindowPos
BeginDeferWindowPos
MonitorFromWindow
GetMonitorInfoW
SetWindowRgn
GetWindowLongW
InflateRect
GetComboBoxInfo
GetWindowRgn
MapDialogRect
DestroyCursor
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
CreateMenu
PtInRect
GetWindowDC
LoadCursorW
SetCursor
IsWindow
OffsetRect
TrackPopupMenuEx
IsMenu
RedrawWindow
GrayStringW
DrawTextExW
DrawTextW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CharUpperBuffW
CopyIcon
UnpackDDElParam
MapWindowPoints
ReuseDDElParam
TabbedTextOutW
EqualRect
ScreenToClient
GetWindowRect
SetWindowLongW
CallWindowProcW
ReleaseDC
GetDC
CharNextW
SetRectEmpty
IsWindowVisible
CopyRect
DrawIcon
GetSystemMetrics
IsIconic
GetSystemMenu
LoadIconW
SetRect
SendMessageW
InvalidateRect
IsRectEmpty
EnableWindow
FillRect
GetClientRect
TrackPopupMenu
SetForegroundWindow
GetCursorPos
AppendMenuW
CreatePopupMenu
GetParent
PostMessageW
DestroyMenu
wsprintfW
CheckMenuItem
gdi32
CreateRoundRectRgn
SetStretchBltMode
GetDeviceCaps
CopyMetaFileW
CreateDCW
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
GetTextMetricsW
CreateRectRgnIndirect
PatBlt
GetBkColor
GetTextColor
SetRectRgn
CombineRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetPixel
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
GetTextExtentPoint32W
CreateFontIndirectW
SetTextColor
SetBkMode
Rectangle
GetStockObject
CreatePen
LineTo
MoveToEx
SetBkColor
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleBitmap
BitBlt
GetDIBColorTable
StretchBlt
CreateDIBSection
GetObjectW
CreateCompatibleDC
SetDIBColorTable
DeleteDC
DeleteObject
CreateHatchBrush
CreateSolidBrush
SelectObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegCloseKey
RegEnumKeyExW
shell32
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
DragFinish
SHAppBarMessage
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
StrCpyW
StrCatW
StrCmpIW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
ole32
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateGuid
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
OleDuplicateData
CreateStreamOnHGlobal
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VarBstrFromDate
SysAllocString
VariantInit
VariantClear
SysAllocStringLen
SysFreeString
VariantChangeType
gdiplus
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree
GdipDrawImageI
GdiplusShutdown
GdipDeleteGraphics
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdiplusStartup
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
dbghelp
MiniDumpWriteDump
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 301KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 181KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ