a2a01a4da593b4da3bac6d91283d880a

Sharing

Copy URL Twitter E-mail

General

Target

a2a01a4da593b4da3bac6d91283d880a
Size

520KB
MD5

a2a01a4da593b4da3bac6d91283d880a
SHA1

8d8521e41b5eac230da608d2edecd8db31847ff1
SHA256

e0ec65e5c679d9b43fa3000ab5057027b2ec61558537c5df5a7fc724a28bcc3f
SHA512

66fb7af7650afad70e4d512eebc7c2abe77b5536241962abfcd5e69bd043bcbfaed34967615b3102b9a3662f6fe1db256e845b46e725005a27a4b3f96a8f192a
SSDEEP

12288:8lWjgD+NjHtAre0ZXkhneFWkv1gYgKiRSC9VuY5EPjUVbFp1bPM8:uD+NjKe0yeFWkv1ZmpVxV5z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2a01a4da593b4da3bac6d91283d880a

Files

a2a01a4da593b4da3bac6d91283d880a
.dll windows:4 windows x86 arch:x86

4862bd3fee8950d1b8aeed8fce2a5b0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\卫星\Dm500代码\Flycccam\bin\plugins\FLYCCCAM.pdb

Imports

kernel32

SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
HeapAlloc
HeapFree
VirtualAlloc
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
HeapSize
HeapDestroy
UnlockFile
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedDecrement
ConvertDefaultLocale
EnumResourceLanguagesA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynA
GlobalMemoryStatus
GetProcessWorkingSetSize
GetSystemInfo
IsDebuggerPresent
TerminateProcess
GetCurrentThread
LocalFree
WriteFile
VirtualQuery
LoadLibraryA
SuspendThread
FreeLibrary
GetCurrentThreadId
FormatMessageA
SetUnhandledExceptionFilter
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCurrentProcess
SetPriorityClass
DeviceIoControl
CreateFileA
GetSystemDefaultLangID
GetModuleHandleA
GetProcAddress
IsBadStringPtrA
UnmapViewOfFile
GetCurrentProcessId
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
VirtualProtect
GetTickCount
CreateThread
WaitForSingleObject
CreateEventA
CloseHandle
Sleep
SetEvent
GetModuleFileNameA
GetCurrentDirectoryA
GetTempPathA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
lstrcpyA
LeaveCriticalSection
EnterCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
CreateDirectoryA
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapCreate
InterlockedExchange

user32

SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
UpdateWindow
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
GetWindow
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadMenuA
InsertMenuA
GetMessageA
DispatchMessageA
TranslateMessage
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetClassNameA
GetWindowTextA
GetSysColor
InvalidateRect
DrawTextA
CopyRect
GetParent
RedrawWindow
GetClientRect
FillRect
wsprintfA
SetForegroundWindow
KillTimer
SetTimer
IsWindowVisible
GetMenu
GetMenuState
CheckMenuItem
DeleteMenu
MessageBoxA
LoadIconA
UnregisterClassA
EnableWindow
SendMessageA
CharUpperA
DefWindowProcA
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
DestroyMenu
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
ReleaseDC
GetDC
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow

gdi32

LineTo
MoveToEx
DeleteObject
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
CreatePen
CreateSolidBrush
SetMapMode
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateRectRgnIndirect
GetPixel
CreateFontA
SelectObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

ord17
_TrackMouseEvent
ImageList_Destroy

shlwapi

PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsDirectoryA
PathIsUNCA

oleaut32

VariantInit
VariantChangeType
VariantClear

ws2_32

WSASocketA
WSAEventSelect
inet_addr
WSAConnect
WSAGetLastError
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSARecv
WSASend
WSACloseEvent
closesocket
WSACreateEvent
htonl
htons
WSACleanup
WSAStartup
gethostbyname
inet_ntoa

iphlpapi

GetAdaptersInfo

Exports

Exports

Copyright
DVBPLGCall
DVBPLGClose
DVBPLGGetInfo
DVBPLGInit
EventMsg
Execute
LibTyp
MenuItemClick
On_Channel_Change
On_Exit
On_Filter_Close
On_Hot_Key
On_Key_Down
On_Menu_Select
On_Osd_Key
On_Rec_Play
On_Send_Dll_ID_Name
On_Start
PidCallback
PluginName
PluginPriority
SetAppHandle
SetMenuHandle
Version

Sections

.text
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 933KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FLY0
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.FLY1
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4862bd3fee8950d1b8aeed8fce2a5b0f

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 209KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 8KB - Virtual size: 933KB

.rsrc Size: 104KB - Virtual size: 100KB

.FLY0 Size: 40KB - Virtual size: 36KB

.FLY1 Size: 92KB - Virtual size: 88KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 212KB - Virtual size: 209KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 8KB - Virtual size: 933KB

.rsrc
Size: 104KB - Virtual size: 100KB

.FLY0
Size: 40KB - Virtual size: 36KB

.FLY1
Size: 92KB - Virtual size: 88KB

.reloc
Size: 16KB - Virtual size: 14KB