dd6a62bae7ab641c90ee5875ef17c00092386458253b8abaccdcf249e4bcb020

Sharing

Copy URL Twitter E-mail

General

Target

dd6a62bae7ab641c90ee5875ef17c00092386458253b8abaccdcf249e4bcb020
Size

927KB
MD5

99781d5463b357f3710e354766b54f55
SHA1

d19c4f27f1f771153e354b2977c5e9419aee6b40
SHA256

dd6a62bae7ab641c90ee5875ef17c00092386458253b8abaccdcf249e4bcb020
SHA512

aba4acc78967c2d6c007d4a72bf1c990eddebda76348c64b07d2921c77a1a7c294c082720beb140eaed2986145bd031835b3322a4a49a34fdc4d848ecdb858e7
SSDEEP

24576:gVtlFJSmkNTw1Cgfboa2PR5Te3TtC3Yn8tVd149p6rY+Gtcv:tmkNTP2tUYA14f6r7mcv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd6a62bae7ab641c90ee5875ef17c00092386458253b8abaccdcf249e4bcb020

Files

dd6a62bae7ab641c90ee5875ef17c00092386458253b8abaccdcf249e4bcb020
.dll windows:5 windows x86 arch:x86

7a0ee10eee9e1f4b7c9a1b04858a6d59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SourceSvn\PC_Client\Window_Header_dll_lib\dll\AjNetSdkDll.pdb

Imports

kernel32

FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GlobalFlags
CompareStringW
RtlUnwind
AreFileApisANSI
GetSystemTimeAsFileTime
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
HeapQueryInformation
ExitProcess
GetModuleHandleExW
GetStdHandle
IsValidCodePage
DuplicateHandle
GetCPInfo
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStartupInfoW
GetConsoleCP
MoveFileExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
OutputDebugStringW
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
WriteFile
UnlockFile
lstrlenA
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileType
GetCurrentProcess
GetFileSize
FlushFileBuffers
FindFirstFileW
CreateFileW
FileTimeToSystemTime
GetCurrentProcessId
WaitForSingleObject
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
lstrcmpA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
GetACP
GetExitCodeThread
TerminateThread
GetThreadTimes
CreateThread
InitializeCriticalSectionAndSpinCount
RaiseException
HeapSize
DecodePointer
InterlockedIncrement
FormatMessageW
GetTimeZoneInformation
GetSystemTime
LocalFree
GetLastError
FindFirstFileA
CreateDirectoryA
GetLocalTime
FindClose
SetLastError
GetCurrentThreadId
HeapReAlloc
HeapAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateEventW
CloseHandle
WideCharToMultiByte
Sleep
MultiByteToWideChar
DeleteFileW
GetFileAttributesW
FindResourceW
GetModuleFileNameW
GetTickCount
SizeofResource
LoadResource
GetProcessHeap
HeapFree
LockResource
GetOEMCP
InterlockedDecrement

user32

PostQuitMessage
DestroyMenu
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
RealChildWindowFromPoint
ClientToScreen
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
CharUpperW
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
GetWindowThreadProcessId
SetWindowTextW
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
GetClientRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
MsgWaitForMultipleObjects
CharLowerBuffW
PostMessageW
PostThreadMessageW
UnregisterClassW
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetWindowTextW
GetWindowLongW
GetWindow
RegisterWindowMessageW
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
SetWindowPos
DestroyWindow
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
ExtTextOutW
TextOutW
SetMapMode
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathIsDirectoryA
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString

iphlpapi

GetAdaptersInfo
GetNetworkParams
GetBestInterface

dsound

ord8
ord6

ws2_32

recvfrom
ntohl
ioctlsocket
WSAIoctl
WSAGetLastError
gethostbyname
send
recv
connect
bind
shutdown
inet_ntoa
WSAStartup
WSACleanup
__WSAFDIsSet
closesocket
htons
inet_addr
select
sendto
setsockopt
socket
htonl

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

?ALawDecode@G711@@SAHE@Z
?ALawDecode@G711@@SAIPAFPBEI@Z
?ALawEncode@G711@@SAEF@Z
?ALawEncode@G711@@SAIPAEPAFI@Z
?ALawToULaw@G711@@SAEE@Z
?ALawToULaw@G711@@SAIPAEPBEI@Z
?Decode@G726@@QAEII@Z
?Decode@G726@@QAEIPAXPBXHI@Z
?Encode@G726@@QAEII@Z
?Encode@G726@@QAEIPAXHPBXI@Z
?Reset@G726@@QAEXXZ
?SetLaw@G726@@QAEXW4Law@@@Z
?SetRate@G726@@QAEXW4Rate@@@Z
?ULawDecode@G711@@SAHE@Z
?ULawDecode@G711@@SAIPAFPBEI@Z
?ULawEncode@G711@@SAEF@Z
?ULawEncode@G711@@SAIPAEPAFI@Z
?ULawToALaw@G711@@SAEE@Z
?ULawToALaw@G711@@SAIPAEPBEI@Z
AJ_NETSDK_IPC_AddInviteAudioStream
AJ_NETSDK_IPC_AddTalk
AJ_NETSDK_IPC_Alarm_getInputByXml
AJ_NETSDK_IPC_Alarm_getMotionDetectByXml
AJ_NETSDK_IPC_Alarm_getStorageFullByXml
AJ_NETSDK_IPC_Alarm_getVideoCoverByXml
AJ_NETSDK_IPC_Alarm_getVideoLostByXml
AJ_NETSDK_IPC_Cleanup
AJ_NETSDK_IPC_CloseUpgradeHandle
AJ_NETSDK_IPC_ControlPlay
AJ_NETSDK_IPC_CreateIFrame
AJ_NETSDK_IPC_FormatDisk
AJ_NETSDK_IPC_GET_AlarmConfig
AJ_NETSDK_IPC_GET_AudioCaputreConfig
AJ_NETSDK_IPC_GET_AudioConfig
AJ_NETSDK_IPC_GET_AudioEncodeConfig
AJ_NETSDK_IPC_GET_FtpServerConfig
AJ_NETSDK_IPC_GET_GB28181Config
AJ_NETSDK_IPC_GET_InputAlarm
AJ_NETSDK_IPC_GET_MediaConfig
AJ_NETSDK_IPC_GET_MediaStreamConfig
AJ_NETSDK_IPC_GET_MiscConfig
AJ_NETSDK_IPC_GET_MotionDetectAlarm
AJ_NETSDK_IPC_GET_NetworkADSLConfig
AJ_NETSDK_IPC_GET_NetworkConfig
AJ_NETSDK_IPC_GET_NetworkDDNSConfig
AJ_NETSDK_IPC_GET_NetworkLANConfig
AJ_NETSDK_IPC_GET_NetworkP2PConfig
AJ_NETSDK_IPC_GET_NetworkUPNPConfig
AJ_NETSDK_IPC_GET_NetworkWIFIConfig
AJ_NETSDK_IPC_GET_PlatformConfig
AJ_NETSDK_IPC_GET_PtzConfig
AJ_NETSDK_IPC_GET_RecordConfig
AJ_NETSDK_IPC_GET_ServerConfig
AJ_NETSDK_IPC_GET_SmtpServerConfig
AJ_NETSDK_IPC_GET_StorageFullAlarm
AJ_NETSDK_IPC_GET_SyslogConfig
AJ_NETSDK_IPC_GET_SystemConfig
AJ_NETSDK_IPC_GET_TimeConfig
AJ_NETSDK_IPC_GET_UserConfig
AJ_NETSDK_IPC_GET_VideoCaptureConfig
AJ_NETSDK_IPC_GET_VideoConfig
AJ_NETSDK_IPC_GET_VideoCoverAlarm
AJ_NETSDK_IPC_GET_VideoEncodeConfig
AJ_NETSDK_IPC_GET_VideoLostAlarm
AJ_NETSDK_IPC_GET_VideoOSDConfig
AJ_NETSDK_IPC_GetAlarmConfigByXml
AJ_NETSDK_IPC_GetConfigFile
AJ_NETSDK_IPC_GetDVRConfig
AJ_NETSDK_IPC_GetDeviceAbility
AJ_NETSDK_IPC_GetDeviceConfig
AJ_NETSDK_IPC_GetDownloadPos
AJ_NETSDK_IPC_GetDownloadState
AJ_NETSDK_IPC_GetFileByName
AJ_NETSDK_IPC_GetFormatProgress
AJ_NETSDK_IPC_GetGB28181CfgByXml
AJ_NETSDK_IPC_GetIOInPutStatus
AJ_NETSDK_IPC_GetIOOutPutStatus
AJ_NETSDK_IPC_GetIPCInfo
AJ_NETSDK_IPC_GetMediaCfgByXml
AJ_NETSDK_IPC_GetMediaStreamCfgByXml
AJ_NETSDK_IPC_GetNetworkCfgByXml
AJ_NETSDK_IPC_GetNetworkParam
AJ_NETSDK_IPC_GetOneIPAddress
AJ_NETSDK_IPC_GetPlatformCfgByXml
AJ_NETSDK_IPC_GetPlayAudioStatus
AJ_NETSDK_IPC_GetRecordCfgByXml
AJ_NETSDK_IPC_GetSDKBuildData
AJ_NETSDK_IPC_GetSDKVersion
AJ_NETSDK_IPC_GetSearchIPCCount
AJ_NETSDK_IPC_GetServerCfgByXml
AJ_NETSDK_IPC_GetSystemConfigByXml
AJ_NETSDK_IPC_GetUpgradeProgress
AJ_NETSDK_IPC_GetUpgradeState
AJ_NETSDK_IPC_GetUserData
AJ_NETSDK_IPC_Init
AJ_NETSDK_IPC_InputAlarm_getAlarmChannelCfgByXml
AJ_NETSDK_IPC_InputAudioData
AJ_NETSDK_IPC_LoadVendorId
AJ_NETSDK_IPC_Login
AJ_NETSDK_IPC_Logout
AJ_NETSDK_IPC_LogoutAll
AJ_NETSDK_IPC_Media_getAudioByXml
AJ_NETSDK_IPC_Media_getAudioCaptureByXml
AJ_NETSDK_IPC_Media_getAudioEncodeByXml
AJ_NETSDK_IPC_Media_getJpegEncodeByXml
AJ_NETSDK_IPC_Media_getVideoByXml
AJ_NETSDK_IPC_Media_getVideoCaptureByXml
AJ_NETSDK_IPC_Media_getVideoEncodeByXml
AJ_NETSDK_IPC_Media_getVideoMaskByXml
AJ_NETSDK_IPC_Media_getVideoOverlayByXml
AJ_NETSDK_IPC_Media_getVideoUserOverlayByXml
AJ_NETSDK_IPC_ModifyIPC
AJ_NETSDK_IPC_Network_getADSLCfgByXml
AJ_NETSDK_IPC_Network_getDDNSCfgByXml
AJ_NETSDK_IPC_Network_getLANCfgByXml
AJ_NETSDK_IPC_Network_getP2PCfgByXml
AJ_NETSDK_IPC_Network_getUPNPCfgByXml
AJ_NETSDK_IPC_Network_getWIFICfgByXml
AJ_NETSDK_IPC_OpenFactory
AJ_NETSDK_IPC_PTZControl
AJ_NETSDK_IPC_PTZControlEx
AJ_NETSDK_IPC_PTZPreset
AJ_NETSDK_IPC_PlayDeviceByFile
AJ_NETSDK_IPC_PlayDeviceByTime
AJ_NETSDK_IPC_PlayMp3File
AJ_NETSDK_IPC_RebootDVR
AJ_NETSDK_IPC_Reconnect
AJ_NETSDK_IPC_RemoveInviteAudioStream
AJ_NETSDK_IPC_RemoveTalk
AJ_NETSDK_IPC_RestoreConfig
AJ_NETSDK_IPC_RestoreIPC
AJ_NETSDK_IPC_RestoreIPCBySn
AJ_NETSDK_IPC_SET_AlarmConfig
AJ_NETSDK_IPC_SET_AudioCaputreConfig
AJ_NETSDK_IPC_SET_AudioConfig
AJ_NETSDK_IPC_SET_AudioEncodeConfig
AJ_NETSDK_IPC_SET_GB28181Config
AJ_NETSDK_IPC_SET_MediaConfig
AJ_NETSDK_IPC_SET_MediaStreamConfig
AJ_NETSDK_IPC_SET_MiscConfig
AJ_NETSDK_IPC_SET_MotionDetectAlarm
AJ_NETSDK_IPC_SET_NetworkConfig
AJ_NETSDK_IPC_SET_NetworkLANConfig
AJ_NETSDK_IPC_SET_NetworkWIFIConfig
AJ_NETSDK_IPC_SET_PlatformConfig
AJ_NETSDK_IPC_SET_TimeConfig
AJ_NETSDK_IPC_SET_TimeManualConfig
AJ_NETSDK_IPC_SET_UserConfig
AJ_NETSDK_IPC_SET_VideoCaptureConfig
AJ_NETSDK_IPC_SET_VideoConfig
AJ_NETSDK_IPC_SET_VideoCoverAlarm
AJ_NETSDK_IPC_SET_VideoEncodeConfig
AJ_NETSDK_IPC_SET_VideoMaskConfig
AJ_NETSDK_IPC_SET_VideoOSDConfig
AJ_NETSDK_IPC_SearchOEMMp3File
AJ_NETSDK_IPC_SendSearchMsg
AJ_NETSDK_IPC_SerialSend
AJ_NETSDK_IPC_SerialStart
AJ_NETSDK_IPC_SerialStop
AJ_NETSDK_IPC_Server_getFtpsByXml
AJ_NETSDK_IPC_Server_getSmtpsByXml
AJ_NETSDK_IPC_SetAUXResponseCallBack
AJ_NETSDK_IPC_SetAutoReconnect
AJ_NETSDK_IPC_SetConfigFile
AJ_NETSDK_IPC_SetDVRConfig
AJ_NETSDK_IPC_SetDevcieConfig
AJ_NETSDK_IPC_SetEncodeAudioCallBack
AJ_NETSDK_IPC_SetFactoryCallBack
AJ_NETSDK_IPC_SetFactoryCfg
AJ_NETSDK_IPC_SetPlayActionEventCallBack
AJ_NETSDK_IPC_SetReplayDataCallBack
AJ_NETSDK_IPC_SetSearchStatusCallBack
AJ_NETSDK_IPC_SetStatusEventCallBack
AJ_NETSDK_IPC_SetTimeSync
AJ_NETSDK_IPC_SetUserData
AJ_NETSDK_IPC_StartAudioCapture
AJ_NETSDK_IPC_StartSearchIPC
AJ_NETSDK_IPC_StartTalk
AJ_NETSDK_IPC_StartVoiceCom
AJ_NETSDK_IPC_StopAudioCapture
AJ_NETSDK_IPC_StopGetFile
AJ_NETSDK_IPC_StopPlayMp3File
AJ_NETSDK_IPC_StopSearchIPC
AJ_NETSDK_IPC_StopTalk
AJ_NETSDK_IPC_StopVoiceCom
AJ_NETSDK_IPC_SystemControl
AJ_NETSDK_IPC_System_getLogCfgByXml
AJ_NETSDK_IPC_System_getMiscCfgByXml
AJ_NETSDK_IPC_System_getPTZAdvanceCfgByXml
AJ_NETSDK_IPC_System_getPTZCfgByXml
AJ_NETSDK_IPC_System_getPTZCommonCfgByXml
AJ_NETSDK_IPC_System_getTimeCfgByXml
AJ_NETSDK_IPC_System_getUserCfgByXml
AJ_NETSDK_IPC_Upgrade
AJ_NETSDK_IPC_UploadOEMAppFile
AJ_NETSDK_IPC_UploadOEMCfgFile
AJ_NETSDK_IPC_UploadOEMMp3File
AJ_NETSDK_IPC_XMLGET_AlarmConfig
AJ_NETSDK_IPC_XMLGET_AudioCaptureConfig
AJ_NETSDK_IPC_XMLGET_AudioConfig
AJ_NETSDK_IPC_XMLGET_AudioEncodeConfig
AJ_NETSDK_IPC_XMLGET_FtpConfig
AJ_NETSDK_IPC_XMLGET_GB28181Config
AJ_NETSDK_IPC_XMLGET_InputAlarmConfig
AJ_NETSDK_IPC_XMLGET_MDAlarmConfig
AJ_NETSDK_IPC_XMLGET_MediaConfig
AJ_NETSDK_IPC_XMLGET_MediaStreamConfig
AJ_NETSDK_IPC_XMLGET_NetworkADSLConfig
AJ_NETSDK_IPC_XMLGET_NetworkConfig
AJ_NETSDK_IPC_XMLGET_NetworkDDNSConfig
AJ_NETSDK_IPC_XMLGET_NetworkLANConfig
AJ_NETSDK_IPC_XMLGET_NetworkP2PConfig
AJ_NETSDK_IPC_XMLGET_NetworkUPNPConfig
AJ_NETSDK_IPC_XMLGET_NetworkWIFIConfig
AJ_NETSDK_IPC_XMLGET_PTZConfig
AJ_NETSDK_IPC_XMLGET_PlatformConfig
AJ_NETSDK_IPC_XMLGET_RecordConfig
AJ_NETSDK_IPC_XMLGET_SAFE_FREE
AJ_NETSDK_IPC_XMLGET_SFAlarmConfig
AJ_NETSDK_IPC_XMLGET_ServerConfig
AJ_NETSDK_IPC_XMLGET_SmtpConfig
AJ_NETSDK_IPC_XMLGET_SysMiscConfig
AJ_NETSDK_IPC_XMLGET_SyslogConfig
AJ_NETSDK_IPC_XMLGET_SystemConfig
AJ_NETSDK_IPC_XMLGET_TimeConfig
AJ_NETSDK_IPC_XMLGET_UserConfig
AJ_NETSDK_IPC_XMLGET_VCAlarmConfig
AJ_NETSDK_IPC_XMLGET_VideoCaptureConfig
AJ_NETSDK_IPC_XMLGET_VideoConfig
AJ_NETSDK_IPC_XMLGET_VideoEncodeConfig
AJ_NETSDK_IPC_XMLGET_VideoMaskConfig
AJ_NETSDK_IPC_XMLGET_VideoOverlayConfig
AJ_NETSDK_IPC_XMLGET_VideoUserOverlayConfig
AJ_NETSDK_IPC_XMLGET_VlAlarmConfig
AJ_NETSDK_Server_Login

Sections

.text
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a0ee10eee9e1f4b7c9a1b04858a6d59

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

iphlpapi

dsound

ws2_32

oleacc

Exports

Exports

Sections

.text Size: 588KB - Virtual size: 588KB

.rdata Size: 178KB - Virtual size: 177KB

.data Size: 109KB - Virtual size: 132KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 588KB - Virtual size: 588KB

.rdata
Size: 178KB - Virtual size: 177KB

.data
Size: 109KB - Virtual size: 132KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 31KB - Virtual size: 31KB