General

  • Target

    bandicam-1-6-en.exe

  • Size

    5.0MB

  • MD5

    b3dda3747f13053c8d42651b898ae81b

  • SHA1

    04c3878ff05f1dd2a190ff7824bcfe6e64be70e0

  • SHA256

    e2bda9dd998cbfc495ad3c077b0340447ea325de375953fe7400b3044147730f

  • SHA512

    917d197afea2fc2320ed37ffe14b6eb9ade60d4b3bbbd062184c07c92444b13ae27f2e1df63728d335461b6e7d8139d147906102c0e102abc4e954dcfd77b8b5

  • SSDEEP

    98304:NPhahnEm71/Cs8awInQ9hBZ8XcoaRI5fRrZ8mO2zMQmhBhrqfDGi+4iVPcPx/:NPPmGawIBXcoaMRrZ8mz0Rrgii1jx/

Score
3/10

Malware Config

Signatures

  • Unsigned PE 21 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • bandicam-1-6-en.exe
    .exe windows:5 windows x86 arch:x86

    bf95d1fc1d10de18b32654b123ad5e1f



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    cd90e33ffbc335413a25300c682c83df



  • $PLUGINSDIR/LangDLL.dll
    .dll windows:5 windows x86 arch:x86

    e981c0ab92cb1f191bb5e23392e14796



  • $PLUGINSDIR/UserInfo.dll
    .dll windows:5 windows x86 arch:x86

    45d25ca52c312b2254c60dbcb30342d1



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/BDMPEG1SETUP.EXE
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b



  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    afa8e526425f3585465337467d0b5909



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $SYSDIR/bdmjpeg.dll
    .dll windows:5 windows x86 arch:x86

    8950e1a0317525f0385b9af601337740



  • $SYSDIR/bdmjpeg64.dll
    .dll windows:5 windows x64 arch:x64

    04208dfcd9f4d104fd3657338692098d



  • $SYSDIR/bdmpega.acm
    .dll windows:5 windows x86 arch:x86

    a59629a50eafc3a20d9d62c5f0118409



  • $SYSDIR/bdmpega64.acm
    .dll windows:5 windows x64 arch:x64

    3259065632343fd95fdf829cba05685c



  • $SYSDIR/bdmpegv.dll
    .dll windows:5 windows x86 arch:x86

    bf6c7259ffaa7b3eb59b7d97edcbb647



  • $SYSDIR/bdmpegv64.dll
    .dll windows:5 windows x64 arch:x64

    1c3318cf9e21cee7c0d17aa9a319a3c6



  • $TEMP/bdfilters.dll
    .dll .ps1 regsvr32 windows:5 windows x86 arch:x86 polyglot

    27f07fb2c76df7e3ac5b98f25b3ec3e4



  • bdfilters.dll
    .dll .ps1 regsvr32 windows:5 windows x86 arch:x86 polyglot

    27f07fb2c76df7e3ac5b98f25b3ec3e4



  • bdfilters64.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    03c1aad04c80a2e0fd5bd4c160a3d1d1



  • uninstall.exe.nsis
  • bandicam.ini
  • bdcam.dll
    .dll windows:5 windows x86 arch:x86

    3d1d4089a2d30cd703a8fe3edad0bc58



  • bdcam.exe
    .exe windows:5 windows x86 arch:x86

    fe818b888484c0ed106ff7a34f72b0ed



  • bdcam64.bin
    .exe windows:5 windows x64 arch:x64

    90e4a86a73f12ba3f6193581f4a2f5ce



  • bdcam64.dll
    .dll windows:5 windows x64 arch:x64

    834e53c17408fbfc22b73078bd769f24



  • bdcamih.dll
    .dll windows:5 windows x86 arch:x86

    cdf3c070c6bb93e55aeb972b8cfb63b2



  • bdcap32.dll
    .dll windows:5 windows x86 arch:x86

    e25e06026a2077f26666e7cdb4fdd1ad



  • bdcap64.dll
    .dll windows:5 windows x64 arch:x64

    3fae9d0bd12a14875018f2092dac04e4



  • bdfix.exe
    .exe windows:5 windows x86 arch:x86

    7b147821e2e570bb13bdf12b3492431b



  • lang/English.ini
  • lang/Simplified_Chinese.ini
  • language.dat
  • sample.png
    .png
  • skin/btn_black.png
    .png
  • skin/btn_default.png
    .png
  • skin/btn_fullscreen.png
    .png
  • skin/btn_img_start.png
    .png
  • skin/btn_img_stop.png
    .png
  • skin/btn_rec_pause.png
    .png
  • skin/btn_rec_paused.png
    .png
  • skin/btn_rec_start.png
    .png
  • skin/btn_rec_stop.png
    .png
  • skin/btn_restore.png
    .png
  • skin/target.xml
  • uninstall.exe.nsis