c8a34454312c90ccf3057bee584bd996d169ec86d6a49871781b8453596fdd87

Sharing

Copy URL Twitter E-mail

General

Target

c8a34454312c90ccf3057bee584bd996d169ec86d6a49871781b8453596fdd87
Size

574KB
MD5

a02cfc34eaa274161477b5fcc344f9f8
SHA1

8fb4a586b6f4769453a71dd48c865f2f94f1b89d
SHA256

c8a34454312c90ccf3057bee584bd996d169ec86d6a49871781b8453596fdd87
SHA512

9c8a3da4d436dd556212edce554561001d470aa3893a7b6ce56aaaf80bbb3e7b2a5cf1a54da0cba9b24e9e751ef28e39075a75a20578e5dc4d9da853747f4278
SSDEEP

12288:hwB2Os5AX87vUQbRzyLq6fKilL+wLtD00bRLiHqs5bXrVwDzQoTrM:hwBPXakVX+wLtD0KLYqerVwDXTrM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8a34454312c90ccf3057bee584bd996d169ec86d6a49871781b8453596fdd87

Files

c8a34454312c90ccf3057bee584bd996d169ec86d6a49871781b8453596fdd87
.dll windows:5 windows x86 arch:x86

fca03722e3596742ae270b1adaaeea71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Project\EverCam10_clean\VC\x64\fsLib\Win32\fsLib.pdb

Imports

winmm

mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetDevCapsA
mixerGetNumDevs
mixerGetControlDetailsA
mixerSetControlDetails
waveInClose
waveInOpen
waveOutClose
waveOutReset
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutOpen
waveOutGetPosition
timeGetTime
timeSetEvent
mixerClose

shlwapi

PathFileExistsW
PathRenameExtensionA
PathAddBackslashA
PathRemoveFileSpecA
PathFileExistsA
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW
PathStripToRootW

gdiplus

GdipSetPenMiterLimit
GdipSetPenCustomEndCap
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenWidth
GdipGetPathWorldBoundsI
GdipSetAdjustableArrowCapWidth
GdipSetAdjustableArrowCapHeight
GdipCreateAdjustableArrowCap
GdipDeleteCustomLineCap
GdipSetPenColor
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdipAddPathLineI
GdipCloneImage
GdipCloneBrush
GdipDrawImageRectI
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipDeleteBrush
GdipAlloc
GdipFree
GdipCreateFromHDC
GdipSetSmoothingMode
GdiplusShutdown
GdipDrawLineI
GdipDrawRectangleI
GdipDrawEllipseI
GdipDeletePath

xvidcore

xvid_global
xvid_plugin_single
xvid_encore

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetQueryOptionA
InternetCloseHandle

sensapi

IsNetworkAlive

rstrtmgr

RmRegisterResources
RmStartSession
RmEndSession
RmGetList

kernel32

SetHandleCount
GetFileType
GetStartupInfoW
HeapSize
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
ExitProcess
HeapDestroy
FreeEnvironmentStringsW
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
GetCommandLineA
RaiseException
GetFileAttributesW
SetFileAttributesW
HeapReAlloc
ExitThread
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapAlloc
HeapFree
RtlUnwind
GetEnvironmentStringsW
FatalAppExitA
GetVersionExA
GetCurrentThread
SetConsoleCtrlHandler
LoadLibraryW
SetStdHandle
FlushFileBuffers
WriteConsoleW
LCMapStringW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapCreate
GetThreadPriority
SetThreadPriority
InterlockedExchange
VirtualAlloc
CreateSemaphoreA
GetCurrentThreadId
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceFrequency
Sleep
QueryPerformanceCounter
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
WaitForMultipleObjects
CreateEventA
SetEvent
WaitForSingleObject
ReadFile
CreateFileW
WideCharToMultiByte
CreateDirectoryW
GetFullPathNameW
GetLastError
OutputDebugStringA
CreateMutexA
DeleteFileW
MoveFileA
DeleteFileA
WriteFile
SetFilePointer
CreateFileA
SetEndOfFile
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
MultiByteToWideChar
CreateThread
GetComputerNameW
GetModuleHandleA
ResetEvent
GetCurrentProcessId
LocalAlloc
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetVersion
SetFilePointerEx
GetFileSizeEx
GetFileSize
GetDiskFreeSpaceExW
GetVolumeInformationW
InterlockedIncrement
InterlockedDecrement
ReleaseSemaphore
GetSystemInfo
VirtualFree
lstrcmpW
DuplicateHandle
GetProcessHeap

user32

GetDC
SetWindowLongA
SetWindowPos
GetWindowLongA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
PostQuitMessage
DefWindowProcA
GetWindowTextW
GetWindowThreadProcessId
GetForegroundWindow
TranslateMessage
DispatchMessageA
PeekMessageA
DestroyWindow
GetIconInfo
GetKeyState
GetCursorInfo
GetCursorPos
GetWindowRect
SetWindowDisplayAffinity
SetCursor
SetClassLongA
UpdateLayeredWindow
SetCapture
GetCapture
FillRect
EndPaint
BeginPaint
SetActiveWindow
CreateDialogParamA
InvalidateRect
ShowWindow
GetParent
TrackPopupMenuEx
CheckMenuItem
GetSubMenu
ClientToScreen
LoadMenuA
PtInRect
MoveWindow
ScreenToClient
InflateRect
LoadImageA
IsWindowVisible
IsWindow
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetQueueStatus
ReleaseDC
GetClientRect
PostThreadMessageA
GetMessageA
PostMessageA
EnumDisplaySettingsA
ChangeDisplaySettingsA
MonitorFromRect
GetMonitorInfoA
ReleaseCapture
MessageBoxA

gdi32

CreatePen
MoveToEx
LineTo
CreateSolidBrush
StretchBlt
DeleteDC
GetObjectA
SelectObject
CreateCompatibleDC
GetStockObject
DeleteObject
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
GetDIBits

advapi32

RegDeleteKeyA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

ws2_32

WSAResetEvent
WSACloseEvent
WSACreateEvent
WSAWaitForMultipleEvents
WSAGetLastError
WSAGetOverlappedResult
WSASend

comctl32

_TrackMouseEvent

Exports

Exports

AddKeyFrame
CanvasEnabled
CheckAVDevice
CheckAudioDevice
CheckRenewDate
CloseAVDevice
CloseAudioDevice
CloseTryFixBySegmentThread
CloseTryFixThread
CloseVolume
CreateAudioMixer
CreateCanvas
CreateWhiteboard
DecryptFsFile
DeleteAudioMixer
DeleteCanvas
DeleteWhiteboard
DrawImageToFit
ECT
EnableRecSystemAudio
EncoderCloseDevice
EncoderDisableDD
EncoderInitDevice
EncoderNoop
EncoderPause
EncoderQueryDevice
EncoderResume
EncoderSetAllWhiteFrameMode
EncoderSetFilename
EncoderStart
EncoderState
EncoderStop
EncoderTransparent
EncryptFsFile
EndDraw
GenerateEmptyProject
GetAudioBitrate
GetAudioVolume
GetECTState
GetExtendDataFromProject
GetFileFormatVersion
GetFileHeaderDim
GetFreeTag
GetKeyframeDim
GetLength
GetLockedProcess
GetNextFrameTs
GetPlayTestTime
GetPrevFrameTs
GetRemoveVideoProgress
GetRenewDateResult
GetTestRecordTime
GetUrlEncodedComputerName
GetVideoResolution
GetVolumeScale
InitLockedProcessCount
IsAppendFinish
IsEmptyProject
IsSupportedPath
IsTryFixBySegmentFinish
IsTryFixFinish
ListIndex
MixerGet
MixerSet
OpenVolume
PlayTestAudio
RebuildIndex
SetCaptureArea
SetCaptureFrameRate
SetExtendDataInProject
SetFreeTag
SetHardAcceleration
SetPenAttr
SetVolumeMeter
SetVolumeScale
StartDraw
StartRecordAudio
StartTestRecordAudio
StopRecordAudio
StopRemoveVideo
StopTestAudio
StopTestRecordAudio
TryFix
TryFixBySegment
UnECT
WhiteboardEnabled
fsAppend
fsFindNextResChangeIndexPos
fsGetAudioDevice
fsMerge
fsQueryAudioDevice
fsQueryVideoDevice
fsResetAVDevice
fsSetAudioDevice
fsSetAudioSuppressionLevel
fsSetExcludeCaptureMode
fsSetVideoDevice
fsSetVistaMethodCaptureAudio
fsSplit
fsUpdateLayeredWindow
fsVideoExists
fsVideoExists2
fsVideoFrameRate
fsdReady
fsdStart
fsdStop
getFsSplitStatus
removeVideo
verifyFsFile
verifyWholeFsFile

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fca03722e3596742ae270b1adaaeea71

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

shlwapi

gdiplus

xvidcore

wininet

sensapi

rstrtmgr

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ws2_32

comctl32

Exports

Exports

Sections

.text Size: 394KB - Virtual size: 394KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 16KB - Virtual size: 120KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 394KB - Virtual size: 394KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 16KB - Virtual size: 120KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 20KB - Virtual size: 19KB