E:\code\09-SVN\branch_nvr32\src\Vendor_Client\happytime-onvif-client-library-code\bin\win32\release\OnvifClientLibrary.pdb
Static task
static1
Behavioral task
behavioral1
Sample
687e47ec24258bee536024ec8951921016966b88e17a4bc6bada4bd0e4d5ab6c.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
687e47ec24258bee536024ec8951921016966b88e17a4bc6bada4bd0e4d5ab6c.dll
Resource
win10v2004-20231222-en
General
Target: 687e47ec24258bee536024ec8951921016966b88e17a4bc6bada4bd0e4d5ab6c
Size: 1.1MB
MD5: 998d09d0cab3f0e052cf7d501d9d9043
SHA1: 80c08c27f479b837b621dbf2690c7ab5f0de829c
SHA256: 687e47ec24258bee536024ec8951921016966b88e17a4bc6bada4bd0e4d5ab6c
SHA512: bf6b060eb7b3240c040f99cd3aee7dfcd978b477a51da935aa276edbf3c45a754e4d4f2c1f79a9a12b398b91223071b7e962eaef61a80e42b212165d41c4196b
SSDEEP: 24576:GizVuYelkVgCx/J6uGjsCFSA7sKPLW7Haz5GwXTkPiM94lRWeoRd:LelBzsCFF7XTkPijlRJoRd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 687e47ec24258bee536024ec8951921016966b88e17a4bc6bada4bd0e4d5ab6c
Files
687e47ec24258bee536024ec8951921016966b88e17a4bc6bada4bd0e4d5ab6c.dll windows:6 windows x86 arch:x86
aedd34eb931701e1327f8ddb583c2f0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
winmm
timeKillEvent
timeSetEvent
kernel32
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
GetTickCount
GetLastError
SetEvent
CreateThread
CreateEventA
HeapSize
GetCurrentThreadId
SetEndOfFile
OutputDebugStringW
Sleep
InitializeSListHead
GetFileSizeEx
CreateFileW
HeapReAlloc
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
WriteFile
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleW
FormatMessageW
WideCharToMultiByte
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCurrentThread
HeapFree
GetConsoleMode
ReadConsoleW
HeapAlloc
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
iphlpapi
GetAdaptersInfo
GetAdaptersAddresses
GetBestInterface
GetIpAddrTable
ws2_32
bind
listen
getsockname
gethostbyname
socket
connect
inet_ntoa
getsockopt
htons
ioctlsocket
sendto
send
inet_addr
__WSAFDIsSet
closesocket
select
ntohl
shutdown
ntohs
recv
setsockopt
recvfrom
accept
WSAGetLastError
Exports
??0CRtsp@@QAE@XZ
??1CRtsp@@QAE@XZ
?audio_rtp_rx@CRtsp@@AAEXPAEHIIH@Z
?computeAbsDonFromDON@CRtsp@@AAEX_K@Z
?copy_str_from_url@CRtsp@@AAEXPADPBDI@Z
?get_rtsp_audio_media_info@CRtsp@@AAEHXZ
?get_rtsp_video_media_info@CRtsp@@AAEHXZ
?get_sps_pps_para@CRtsp@@QAEXPAEPAH01@Z
?get_sps_pps_para@CRtsp@@QAEXXZ
?get_vps_sps_pps_para@CRtsp@@QAEXXZ
?parse_url@CRtsp@@AAEHPBDAAPAD11AAHPAPBD@Z
?rtp_aac_rx@CRtsp@@AAEHPAEHIIH@Z
?rtp_g726_rx@CRtsp@@AAEHPAEHIIH@Z
?rtp_h264_rx@CRtsp@@AAEHPAEHIIH@Z
?rtp_h265_rx@CRtsp@@AAEHPAEHIIH@Z
?rtp_mjpeg_rx@CRtsp@@AAEHPAEHIIH@Z
?rtp_mpeg4_rx@CRtsp@@AAEHPAEHIIH@Z
?rtp_pcm_rx@CRtsp@@AAEHPAEHIIH@Z
?rtsp_auth@CRtsp@@QAEHPBD00@Z
?rtsp_client_start@CRtsp@@AAEHXZ
?rtsp_client_state@CRtsp@@AAEHPAUrtsp_ua@@PAUhrtsp_msg_content@@@Z
?rtsp_client_stop@CRtsp@@AAEXPAUrtsp_ua@@@Z
?rtsp_close@CRtsp@@QAEHXZ
?rtsp_data_rx@CRtsp@@AAEXPAEH@Z
?rtsp_describe_res@CRtsp@@AAEHPAUrtsp_ua@@PAUhrtsp_msg_content@@@Z
?rtsp_get_aac_config@CRtsp@@AAEXPAUrtsp_ua@@@Z
?rtsp_get_mpeg4_config@CRtsp@@AAEXPAUrtsp_ua@@@Z
?rtsp_keep_alive@CRtsp@@AAEXXZ
?rtsp_msg_parser@CRtsp@@AAEHPAUrtsp_ua@@@Z
?rtsp_options_res@CRtsp@@AAEHPAUrtsp_ua@@PAUhrtsp_msg_content@@@Z
?rtsp_pause@CRtsp@@QAEHXZ
?rtsp_pkt_find_end@CRtsp@@AAEHPAD@Z
?rtsp_play@CRtsp@@QAEHXZ
?rtsp_play_res@CRtsp@@AAEHPAUrtsp_ua@@PAUhrtsp_msg_content@@@Z
?rtsp_send_sps_pps_para@CRtsp@@AAEXPAUrtsp_ua@@@Z
?rtsp_send_vps_sps_pps_para@CRtsp@@AAEXPAUrtsp_ua@@@Z
?rtsp_setup_audio_res@CRtsp@@AAEHPAUrtsp_ua@@PAUhrtsp_msg_content@@@Z
?rtsp_setup_video_res@CRtsp@@AAEHPAUrtsp_ua@@PAUhrtsp_msg_content@@@Z
?rtsp_start@CRtsp@@QAEHPBD00@Z
?rtsp_start@CRtsp@@QAEHPBD0H00@Z
?rtsp_stop@CRtsp@@QAEHXZ
?rtsp_tcp_rx@CRtsp@@AAEHXZ
?rua_init_connect@CRtsp@@AAEHPAUrtsp_ua@@@Z
?rx_thread@CRtsp@@QAEXXZ
?send_notify@CRtsp@@AAEXH@Z
?set_audio_cb@CRtsp@@QAEXP6AHPAEHIGPAX@Z@Z
?set_codec_id@CRtsp@@QAEXABH@Z
?set_fu_buffer_size@CRtsp@@QAEXH@Z
?set_notify_cb@CRtsp@@QAEXP6AHHPAX@Z0@Z
?set_video_cb@CRtsp@@QAEXP6AHPAEHIGPAX@Z@Z
?video_rtp_rx@CRtsp@@AAEXPAEHIIH@Z
CvtHex
FirmwareUpgrade
FreeSnapshotBuff
GetAudioEncoderConfigurations
GetAudioSourceConfigurations
GetAudioSources
GetCapabilities
GetConfigurations
GetDeviceInformation
GetImagingSettings
GetLineText
GetLineWord
GetNameValuePair
GetNodes
GetProfiles
GetServices
GetSipLine
GetSnapshot
GetStreamUris
GetVideoEncoderConfigurations
GetVideoSourceConfigurations
GetVideoSources
MD5Final
MD5Init
MD5String
MD5Update
Subscribe
Unsubscribe
base64_decode
base64_encode
find_ctt_headline
find_http_headline
free_ctx_hdrv
free_hdrv_buf
free_http_msg
free_http_msg_content
free_http_msg_ctx
free_net_buf
free_rtsp_msg_buf
get_address_by_name
get_default_gateway
get_default_if_ip
get_default_if_mac
get_dns_server
get_hdrv_buf
get_http_ctt
get_http_headline
get_idle_net_buf
get_if_ip
get_if_nums
get_mask_by_prefix_len
get_ownership
get_prefix_len_by_mask
get_route_if_ip
get_rtsp_msg_buf
get_time_by_string
giveup_ownership
h_list_add_at_back
h_list_add_at_front
h_list_create
h_list_free_all_node
h_list_free_container
h_list_get_from_back
h_list_get_from_front
h_list_get_number_of_nodes
h_list_insert
h_list_is_empty
h_list_lookup_end
h_list_lookup_next
h_list_lookup_start
h_list_remove
h_list_remove_data
h_list_remove_from_back
h_list_remove_from_front
h_list_remove_from_front_no_lock
hdrv_buf_fl_deinit
hdrv_buf_fl_init
hqBufGet
hqBufGetWait
hqBufGetWaitPost
hqBufIsEmpty
hqBufIsFull
hqBufPeek
hqBufPut
hqBufPutPtrWait
hqBufPutPtrWaitPost
hqCreate
hqDelete
http_cln_index
http_ctt_parse
http_free_msg_buf
http_free_used_cln
http_get_auth_digest_info
http_get_cln_by_index
http_get_idle_cln
http_get_msg_buf
http_get_msg_large_buf
http_headl_parse
http_idle_msg_buf_num
http_line_parse
http_msg_buf_fl_deinit
http_msg_buf_fl_init
http_msg_ctx_init
http_msg_parse
http_msg_parse_part1
http_msg_parse_part2
http_onvif_firmware_upgrade
http_onvif_get_snapshot
http_onvif_trans
http_pkt_find_end
http_srv_deinit
http_srv_init
http_srv_net_init
hxml_parse
hxml_parse_attr
hxml_parse_element
hxml_parse_element_end
hxml_parse_element_start
hxml_parse_header
idle_hdrv_buf_num
idle_net_buf_num
idle_rtsp_msg_buf_num
init_probe
init_ul_hdrv_ctx
is_char
is_http_msg
is_integer
is_ip_address
is_num
is_separator
log_close
log_get_level
log_init
log_lock_end
log_lock_print
log_lock_start
log_print
log_set_level
log_time_init
lowercase
mem_log_print
mem_log_quit
net_buf_fl_deinit
net_buf_fl_init
onvif_AbsoluteMove
onvif_AccessDoor
onvif_AddAudioEncoderConfiguration
onvif_AddAudioSourceConfiguration
onvif_AddPTZConfiguration
onvif_AddScopes
onvif_AddVideoAnalyticsConfiguration
onvif_AddVideoEncoderConfiguration
onvif_AddVideoSourceConfiguration
onvif_AudioEncodingToString
onvif_AutoFocusModeToString
onvif_BacklightCompensationModeToString
onvif_BlockDoor
onvif_CapabilityCategoryToString
onvif_ContinuousMove
onvif_CreateAnalyticsModules
onvif_CreateOSD
onvif_CreatePresetTour
onvif_CreatePrivacyMask
onvif_CreateProfile
onvif_CreatePullPointSubscription
onvif_CreateRules
onvif_CreateUsers
onvif_DeleteAnalyticsModules
onvif_DeleteOSD
onvif_DeletePrivacyMask
onvif_DeleteProfile
onvif_DeleteRules
onvif_DeleteUsers
onvif_DigitalIdleStateToString
onvif_DisableAccessPoint
onvif_DiscoveryModeToString
onvif_DoorAlarmStateToString
onvif_DoorFaultStateToString
onvif_DoorModeToString
onvif_DoorPhysicalStateToString
onvif_DoorTamperStateToString
onvif_DoubleLockDoor
onvif_DynamicDNSTypeToString
onvif_EFlipModeToString
onvif_EnableAccessPoint
onvif_EndSearch
onvif_ExposureModeToString
onvif_ExposurePriorityToString
onvif_FactoryDefaultTypeToString
onvif_FindEvents
onvif_FindRecordings
onvif_GetAccessPointInfo
onvif_GetAccessPointInfoList
onvif_GetAccessPointState
onvif_GetAnalyticsModules
onvif_GetAreaInfo
onvif_GetAreaInfoList
onvif_GetAudioEncoderConfiguration
onvif_GetAudioEncoderConfigurationOptions
onvif_GetAudioEncoderConfigurations
onvif_GetAudioSourceConfiguration
onvif_GetAudioSourceConfigurationOptions
onvif_GetAudioSourceConfigurations
onvif_GetAudioSources
onvif_GetCapabilities
onvif_GetConfiguration
onvif_GetConfigurationOptions
onvif_GetConfigurations
onvif_GetDNS
onvif_GetDeviceInformation
onvif_GetDiscoveryMode
onvif_GetDoorInfo
onvif_GetDoorInfoList
onvif_GetDoorState
onvif_GetDynamicDNS
onvif_GetEventProperties
onvif_GetEventSearchResults
onvif_GetHostname
onvif_GetImagingSettings
onvif_GetLastError
onvif_GetMediaAttributes
onvif_GetNTP
onvif_GetNetworkDefaultGateway
onvif_GetNetworkInterfaces
onvif_GetNetworkProtocols
onvif_GetNode
onvif_GetNodes
onvif_GetOSD
onvif_GetOSDOptions
onvif_GetOSDs
onvif_GetOptions
onvif_GetPresetTour
onvif_GetPresetTourOptions
onvif_GetPresetTours
onvif_GetPresets
onvif_GetPrivacyMask
onvif_GetProfile
onvif_GetProfiles
onvif_GetRecordingInformation
onvif_GetRecordingSearchResults
onvif_GetRecordingSummary
onvif_GetReplayUri
onvif_GetRules
onvif_GetScopes
onvif_GetSearchState
onvif_GetServices
onvif_GetSnapshotUri
onvif_GetStatus
onvif_GetStreamUri
onvif_GetSupportedRules
onvif_GetSystemDateAndTime
onvif_GetSystemLog
onvif_GetUsers
onvif_GetVideoAnalyticsConfiguration
onvif_GetVideoAnalyticsConfigurations
onvif_GetVideoEncoderConfiguration
onvif_GetVideoEncoderConfigurationOptions
onvif_GetVideoEncoderConfigurations
onvif_GetVideoSourceConfiguration
onvif_GetVideoSourceConfigurationOptions
onvif_GetVideoSourceConfigurations
onvif_GetVideoSourceModes
onvif_GetVideoSources
onvif_GotoHomePosition
onvif_GotoPreset
onvif_H264ProfileToString
onvif_IrCutFilterModeToString
onvif_LockDoor
onvif_LockDownDoor
onvif_LockDownReleaseDoor
onvif_LockOpenDoor
onvif_LockOpenReleaseDoor
onvif_LockPhysicalStateToString
onvif_ModifyAnalyticsModules
onvif_ModifyPresetTour
onvif_ModifyRules
onvif_MoveStatusToString
onvif_Mpeg4ProfileToString
onvif_OSDPosTypeToString
onvif_OSDTextTypeToString
onvif_OSDTypeToString
onvif_OperatePresetTour
onvif_PTZPresetTourDirectionToString
onvif_PTZPresetTourOperationToString
onvif_PTZPresetTourStateToString
onvif_PTZStop
onvif_ParityBitToString
onvif_PropertyOperationToString
onvif_PullMessages
onvif_RecordingStatusToString
onvif_RelativeMove
onvif_RelayIdleStateToString
onvif_RelayLogicalStateToString
onvif_RelayModeToString
onvif_RemoveAudioEncoderConfiguration
onvif_RemoveAudioSourceConfiguration
onvif_RemovePTZConfiguration
onvif_RemovePreset
onvif_RemovePresetTour
onvif_RemoveScopes
onvif_RemoveVideoAnalyticsConfiguration
onvif_RemoveVideoEncoderConfiguration
onvif_RemoveVideoSourceConfiguration
onvif_Renew
onvif_ReverseModeToString
onvif_RotateModeToString
onvif_ScopeDefinitionToString
onvif_SearchStateToString
onvif_SerialPortTypeToString
onvif_SetAudioEncoderConfiguration
onvif_SetAudioSourceConfiguration
onvif_SetAuthInfo
onvif_SetConfiguration
onvif_SetDNS
onvif_SetDateTimeTypeToString
onvif_SetDiscoveryMode
onvif_SetDynamicDNS
onvif_SetHomePosition
onvif_SetHostname
onvif_SetHostnameFromDHCP
onvif_SetHttpConnectTimeout
onvif_SetImagingSettings
onvif_SetNTP
onvif_SetNetworkDefaultGateway
onvif_SetNetworkInterfaces
onvif_SetNetworkProtocols
onvif_SetOSD
onvif_SetPreset
onvif_SetScopes
onvif_SetSynchronizationPoint
onvif_SetSystemDateAndTime
onvif_SetSystemFactoryDefault
onvif_SetUser
onvif_SetVideoAnalyticsConfiguration
onvif_SetVideoEncoderConfiguration
onvif_SetVideoSourceConfiguration
onvif_SetVideoSourceMode
onvif_StartFirmwareUpgrade
onvif_StreamTypeToString
onvif_StringToAudioEncoding
onvif_StringToAutoFocusMode
onvif_StringToBacklightCompensationMode
onvif_StringToCapabilityCategory
onvif_StringToDigitalIdleState
onvif_StringToDiscoveryMode
onvif_StringToDoorAlarmState
onvif_StringToDoorFaultState
onvif_StringToDoorMode
onvif_StringToDoorPhysicalState
onvif_StringToDoorTamperState
onvif_StringToDynamicDNSType
onvif_StringToEFlipMode
onvif_StringToExposureMode
onvif_StringToExposurePriority
onvif_StringToFactoryDefaultType
onvif_StringToH264Profile
onvif_StringToIrCutFilterMode
onvif_StringToLockPhysicalState
onvif_StringToMoveStatus
onvif_StringToMpeg4Profile
onvif_StringToOSDPosType
onvif_StringToOSDTextType
onvif_StringToOSDType
onvif_StringToPTZPresetTourDirection
onvif_StringToPTZPresetTourOperation
onvif_StringToPTZPresetTourState
onvif_StringToParityBit
onvif_StringToPropertyOperation
onvif_StringToRecordingStatus
onvif_StringToRelayIdleState
onvif_StringToRelayLogicalState
onvif_StringToRelayMode
onvif_StringToReverseMode
onvif_StringToRotateMode
onvif_StringToScopeDefinition
onvif_StringToSearchState
onvif_StringToSerialPortType
onvif_StringToSetDateTimeType
onvif_StringToStreamType
onvif_StringToSystemLogType
onvif_StringToTrackType
onvif_StringToTransportProtocol
onvif_StringToUserLevel
onvif_StringToVideoEncoding
onvif_StringToWhiteBalanceMode
onvif_StringToWideDynamicMode
onvif_Subscribe
onvif_SystemLogTypeToString
onvif_SystemReboot
onvif_TrackTypeToString
onvif_TransportProtocolToString
onvif_UnlockDoor
onvif_Unsubscribe
onvif_UserLevelToString
onvif_VideoEncodingToString
onvif_WhiteBalanceModeToString
onvif_WideDynamicModeToString
onvif_add_AccessPointInfo
onvif_add_AreaInfo
onvif_add_AudioEncoder2Configuration
onvif_add_AudioEncoder2ConfigurationOptions
onvif_add_AudioEncoderConfiguration
onvif_add_AudioSource
onvif_add_AudioSourceConfiguration
onvif_add_Config
onvif_add_ConfigDescription
onvif_add_ConfigDescription_Messages
onvif_add_DoorInfo
onvif_add_ElementItem
onvif_add_MediaProfile
onvif_add_MetadataConfiguration
onvif_add_NetworkInterface
onvif_add_NotificationMessage
onvif_add_OSDConfiguration
onvif_add_PTZConfiguration
onvif_add_PTZNode
onvif_add_PTZPreset
onvif_add_PTZPresetTourSpot
onvif_add_PresetTour
onvif_add_Profile
onvif_add_RecordingInformation
onvif_add_SimpleItem
onvif_add_SimpleItemDescription
onvif_add_Track
onvif_add_TrackAttributes
onvif_add_User
onvif_add_VideoAnalyticsConfiguration
onvif_add_VideoEncoder2Configuration
onvif_add_VideoEncoder2ConfigurationOptions
onvif_add_VideoEncoderConfiguration
onvif_add_VideoSource
onvif_add_VideoSourceConfiguration
onvif_add_VideoSourceMode
onvif_datetime_to_time_t
onvif_device_add_NotificationMessages
onvif_device_free_NotificationMessages
onvif_event_notify
onvif_event_timer_deinit
onvif_event_timer_init
onvif_find_AccessPointInfo
onvif_find_AreaInfo
onvif_find_AudioEncoder2Configuration
onvif_find_AudioEncoder2ConfigurationOptions
onvif_find_AudioEncoderConfiguration
onvif_find_AudioSource
onvif_find_AudioSourceConfiguration
onvif_find_Config
onvif_find_DoorInfo
onvif_find_MediaProfile
Sections
.text Size: 845KB - Virtual size: 845KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ