avicap32[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

avicap32.dll
Size

63KB
MD5

e24fe90e9de8d8ae70e59f7b01675def
SHA1

1e2795d583d3e7263d5b3fabb78552f3330997d7
SHA256

ddb0691488db424cc203505e27364b24e4410e599a972cf2c1aff4e2f3e3c04f
SHA512

6cc91728db60a04f936edaecc8b6d86cdb881b2fbc7164e43ed8370b43f42d6e19e26bbd7d3e6df52c83cb5a69b7598098fe896bfdcc47e65c4ad1a5681b06bf
SSDEEP

1536:YI0QFm0Y0JhwJlI8uD2+4VuTK6vHhm2lTnUA4:6sXhJwlI8uDV4VZMBmwnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
avicap32.dll

Files

avicap32.dll
.dll windows:6 windows x86 arch:x86

5d9f2f33d42aa5d264e72baa78f90d6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

avicap32.pdb

Imports

msvcrt

_except_handler4_common
_amsg_exit
_initterm
free
malloc
_XcptFilter
atoi
memmove
_ftol2
memset
_vsnprintf
memcpy
_vsnwprintf

user32

PostMessageW
LoadStringA
IsWindow
TranslateMessage
DispatchMessageW
BeginPaint
EndPaint
DefWindowProcW
SetTimer
GetClipboardData
SetWindowLongW
SendMessageW
MsgWaitForMultipleObjects
KillTimer
EqualRect
ClientToScreen
MessageBeep
GetMessageW
PeekMessageW
SetCursor
GetDC
GetClientRect
SetRect
UpdateWindow
MessageBoxW
GetAsyncKeyState
ReleaseDC
InvalidateRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetParent
GetWindowLongW
LoadStringW
UnregisterClassW
RegisterClassW
LoadCursorW
GetClassInfoW
CreateWindowExW

kernel32

GetFileSize
GetOverlappedResult
GetLastError
WriteFile
CreateFileW
GetProcAddress
LoadLibraryW
GetDiskFreeSpaceW
GetFullPathNameW
DeleteFileW
lstrcmpiW
LocalUnlock
SetFilePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
InterlockedCompareExchange
InterlockedExchange
GetModuleHandleW
GetFileAttributesW
DeleteCriticalSection
GetPrivateProfileStringW
GetACP
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrlenW
LocalFree
LocalHandle
MultiByteToWideChar
LocalLock
LocalAlloc
lstrlenA
DisableThreadLibraryCalls
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
GetModuleFileNameW
QueryPerformanceCounter
MulDiv
QueryPerformanceFrequency
Sleep
GetVersionExW
GetSystemInfo
VirtualAlloc
VirtualFree
GlobalMemoryStatusEx
GlobalHandle
SetEvent
FreeLibrary
CloseHandle
GlobalReAlloc
WaitForSingleObject
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetLocalTime
CreateEventW
CreateThread
InitializeCriticalSection

gdi32

DeleteObject
CreatePalette
GetStockObject
GetDCOrgEx
SelectObject
PatBlt
GetObjectW
GetPaletteEntries
GetNearestPaletteIndex
SetWindowOrgEx
RealizePalette
SelectPalette
GetClipBox
GetDeviceCaps
GetSystemPaletteEntries

winmm

waveInStart
mmioWrite
mmioSeek
mmioClose
mmioOpenW
mmioAscend
mmioCreateChunk
mmioRead
mmioDescend
mmioFlush
waveInStop
mciSendStringW
SendDriverMessage
CloseDriver
OpenDriver
waveInOpen
waveInPrepareHeader
waveInAddBuffer
timeGetTime
waveInReset
waveInUnprepareHeader
waveOutGetNumDevs
waveInClose

advapi32

RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyA
RegQueryValueExA
RegCreateKeyW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

msvfw32

ICSeqCompressFrameEnd
DrawDibDraw
ICSeqCompressFrameStart
DrawDibGetPalette
DrawDibBegin
ICImageDecompress
ICCompressorFree
DrawDibClose
DrawDibOpen
ICCompressorChoose
DrawDibRealize
ICSeqCompressFrame

Exports

Exports

AppCleanup
capCreateCaptureWindowA
capCreateCaptureWindowW
capGetDriverDescriptionA
capGetDriverDescriptionW
videoThunk32

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d9f2f33d42aa5d264e72baa78f90d6e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

winmm

advapi32

version

msvfw32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB