f:\workspace\SNS\Branches\GENERAL_SNS_20091221\Test\PlayBack.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5066b3f481d173b8d691c8f2388595843d0671cb7182bc821dc2e8aad940a32d.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5066b3f481d173b8d691c8f2388595843d0671cb7182bc821dc2e8aad940a32d.dll
Resource
win10v2004-20240412-en
General
Target: 5066b3f481d173b8d691c8f2388595843d0671cb7182bc821dc2e8aad940a32d
Size: 1.1MB
MD5: 7ac67ac53d6dc72c16fb39d4379abcfd
SHA1: 5babd07a40373865435dceb3bfe2603302d17747
SHA256: 5066b3f481d173b8d691c8f2388595843d0671cb7182bc821dc2e8aad940a32d
SHA512: e342a47c935b8ca82d583b5ec3c0cabf5080669027dd93d51a84b0c739d73d35eba9c385cc7bbf3b5db0d68f2531aa8beb0527514e1695fdb55e1d7af332b1ca
SSDEEP: 24576:fMnwRHEyTMep7j4cJdntg8K4bQtLZ38+4A2Vzblso2yZi:f0wRHdbJdntg8TQtLZ38+4hVtZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5066b3f481d173b8d691c8f2388595843d0671cb7182bc821dc2e8aad940a32d
Files
5066b3f481d173b8d691c8f2388595843d0671cb7182bc821dc2e8aad940a32d.dll windows:4 windows x86 arch:x86
8eb8b5f26e437459f157d282eeca7c5c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
WideCharToMultiByte
GetLocaleInfoW
IsValidLocale
LoadResource
GetUserDefaultLCID
LCMapStringW
LCMapStringA
SetStdHandle
GetDriveTypeA
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LockResource
GetLocalTime
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
OutputDebugStringA
Sleep
GetLastError
CreateThread
CloseHandle
WaitForSingleObject
TerminateThread
GetPrivateProfileStringA
GlobalFree
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
CreateFileA
GetPrivateProfileIntA
GetModuleFileNameA
GetTickCount
CreateEventA
SetEvent
ResetEvent
CreateDirectoryA
GetDiskFreeSpaceExA
GetEnvironmentVariableW
GetVersion
InterlockedExchange
MultiByteToWideChar
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenW
GetStringTypeExW
GetStringTypeExA
lstrcmpiW
lstrcmpiA
lstrlenA
WritePrivateProfileStringA
WritePrivateProfileStructA
GetPrivateProfileStructA
SetCurrentDirectoryA
GetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
FreeResource
MulDiv
FreeLibrary
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetProcAddress
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetACP
GetStartupInfoA
LoadLibraryA
GetWindowsDirectoryA
SizeofResource
GetFileType
GetStdHandle
SetHandleCount
GetTimeZoneInformation
HeapSize
ExitThread
ExitProcess
GetProcessHeap
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetDateFormatA
GetTimeFormatA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetSystemTimeAsFileTime
RtlUnwind
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
GlobalFlags
GetAtomNameA
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
MoveFileA
FindFirstFileA
FileTimeToLocalFileTime
FindNextFileA
FindClose
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetVersionExA
SetLastError
CopyFileA
GlobalSize
FormatMessageA
LocalFree
EnumSystemLocalesA
FindResourceA
user32
GetWindowRect
SetMenu
SetRect
FillRect
AppendMenuA
CreatePopupMenu
GetDC
ReleaseDC
PtInRect
SetRectEmpty
DrawMenuBar
InvalidateRect
IsWindowVisible
SetTimer
EnumDisplaySettingsA
KillTimer
ChangeDisplaySettingsA
GetSystemMetrics
GetClientRect
GetCursorPos
IsWindow
LoadImageA
MoveWindow
EnableWindow
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
ScreenToClient
SetParent
GetTopWindow
CallWindowProcA
RemoveMenu
GetSubMenu
InsertMenuA
GetMenuStringA
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetWindowPlacement
IsIconic
IntersectRect
OffsetRect
DefWindowProcA
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
MessageBoxA
GetMenu
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
BeginPaint
EndPaint
MsgWaitForMultipleObjects
CharNextA
GetKeyNameTextA
MapVirtualKeyA
GetWindowThreadProcessId
InflateRect
GetMenuItemInfoA
DestroyMenu
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
UnregisterClassA
GetSysColorBrush
LoadCursorA
GetDialogBaseUnits
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
DeleteMenu
DestroyIcon
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetFocus
GetWindowRgn
GetWindowDC
GetMenuItemID
GetMenuItemCount
CopyRect
GetSystemMenu
ShowWindow
UpdateWindow
SystemParametersInfoA
SetWindowPos
GetWindow
DrawEdge
LoadBitmapA
GetDesktopWindow
DestroyCursor
SetCursor
ClientToScreen
GetCapture
WindowFromPoint
GetSysColor
CharUpperA
CharUpperW
CharLowerA
CharLowerW
SetCapture
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawFocusRect
GetKeyState
ReleaseCapture
SetWindowRgn
GetParent
RedrawWindow
PostMessageA
SendMessageA
gdi32
ExtCreateRegion
SelectPalette
GetDeviceCaps
GetTextMetricsA
StretchBlt
SelectClipRgn
DeleteDC
GetTextExtentPoint32A
CombineRgn
CreateRectRgn
Escape
ExtTextOutA
TextOutA
GetPixel
RectVisible
PtVisible
LPtoDP
RealizePalette
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
GetDIBits
CreateRoundRectRgn
CreateFontIndirectA
GetObjectA
BitBlt
Rectangle
SelectObject
CreateCompatibleDC
CreateSolidBrush
CreatePen
CreateCompatibleBitmap
DeleteObject
SwapBuffers
ChoosePixelFormat
SetPixelFormat
CopyMetaFileA
CreateDCA
GetDCOrgEx
GetClipBox
PtInRegion
CreateEllipticRgn
SetTextColor
SetBkColor
CreateBitmap
CreateICA
DPtoLP
GetRgnBox
SetRectRgn
PatBlt
CreateRectRgnIndirect
GetTextColor
CreateHatchBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
GetStockObject
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocA
SelectClipPath
GetClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
advapi32
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegQueryValueA
RegDeleteValueA
RegCreateKeyA
RegSetValueA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ExtractIconA
SHGetFileInfoA
ShellExecuteA
ole32
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoFreeUnusedLibraries
OleFlushClipboard
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
OleUninitialize
CoRegisterMessageFilter
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleInitialize
CoDisconnectObject
CreateStreamOnHGlobal
oleaut32
LoadTypeLi
SysAllocString
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
OleLoadPicture
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VarDateFromStr
comctl32
_TrackMouseEvent
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveExtensionA
oledlg
ord8
h264play
ord85
ord18
ord88
ord104
ord26
_H264_PLAY_SetInfoFrameCallBack_V2@12
ord67
ord23
ord13
ord43
ord78
ord77
ord37
ord39
ord28
ord9
ord8
ord36
ord70
ord47
ord46
ord71
ord84
ord83
ord95
ord29
ord22
ord21
ord11
ord10
ord5
ord7
ord6
ord102
ord2
ord52
ord1
ord82
ord61
ord38
ord41
ord44
ord14
ord17
ord33
ord19
ord3
ord40
ord4
ord89
ord98
streamreader
ord2
ord4
ord8
ord1
hcnetsdk
NET_DVR_StopSaveRealData
NET_DVR_SaveRealData
playctrl
PlayM4_Fast
PlayM4_CloseFile
PlayM4_OpenFile
PlayM4_GetBMP
PlayM4_SetDisplayRegion
PlayM4_Slow
PlayM4_InitDDrawDevice
PlayM4_ReleaseDDrawDevice
PlayM4_CloseStream
PlayM4_Play
PlayM4_Stop
PlayM4_InputVideoData
PlayM4_InputData
PlayM4_SetDisplayBuf
PlayM4_OpenStream
PlayM4_SetStreamOpenMode
PlayM4_Pause
PlayM4_PlaySoundShare
PlayM4_StopSoundShare
PlayM4_SetVolume
PlayM4_GetPictureSize
PlayM4_RegisterDrawFun
PlayM4_GetPlayedFrames
PlayM4_SetFileRefCallBack
PlayM4_GetOverlayMode
PlayM4_GetColor
PlayM4_SetColor
PlayM4_SetOverlayMode
PlayM4_SetPicQuality
PlayM4_GetCurrentFrameRate
PlayM4_GetFileTotalFrames
PlayM4_OneByOneBack
PlayM4_OneByOne
PlayM4_RefreshPlay
PlayM4_ResetBuffer
PlayM4_ResetSourceBuffer
PlayM4_GetSourceBufferRemain
PlayM4_GetBufferValue
PlayM4_GetPlayedTime
PlayM4_GetFileTime
PlayM4_GetPlayPos
PlayM4_SetPlayPos
dhplay
ord12
ord21
ord22
ord101
ord11
ord97
ord83
ord49
ord34
ord96
ord5
ord6
ord18
ord42
ord43
ord14
ord40
ord70
ord94
ord3
ord4
ord8
ord9
ord7
ord19
ord79
ord23
ord95
ord89
ord88
ord41
ord30
ord17
ord29
ord55
ord10
ord38
ord82
ord50
opengl32
wglDeleteContext
wglMakeCurrent
wglCreateContext
glHint
glDepthFunc
glEnable
glClearColor
glShadeModel
glLoadIdentity
glClearDepth
glFlush
glViewport
glMatrixMode
glu32
gluPerspective
glew32
_glewInit@0
vrsoft
VRSoft_GetCameraMount
VRSoft_OnTouchPinchScale
VRSoft_GetShape
VRSoft_Drawself
VRSoft_OnTouchFling
VRSoft_OnTouchMove
VRSoft_AutoAdjust
VRSoft_OnTouchUp
VRSoft_OnTouchDown
VRSoft_SetShape
VRSoft_SetCameraMount
VRSoft_DisplayRect
VRSoft_SetFecParams
VRSoft_SetType
VRSoft_GetType
VRSoft_Init
VRSoft_SetAttribute
VRSoft_Prepare
VRSoft_Create
VRSoft_SetYUV420PTexture
VRSoft_Release
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
Exports
Playback_CloseVideo
Playback_ControlAudio
Playback_ControlLeft
Playback_ControlRight
Playback_EndDownload
Playback_Init
Playback_InsertDevice
Playback_Move
Playback_OpenVideo
Playback_SetSource
Playback_SetStyle
Playback_ShowWindow
Playback_StartDownload
Playback_UnInit
Playback_languageInit
Sections
.text Size: 868KB - Virtual size: 865KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 160KB - Virtual size: 157KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ