D:\jenkins\workspace\APP_Package_SDK_Windows32\common\HCNetSDK\VS2013\lib\win32\HCNetSDKCom\HCPreview.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
HCPreview.dll
Resource
win7-20240220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
HCPreview.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
HCPreview.dll
-
Size
615KB
-
MD5
2d30b10990471218c2ebed0e8de00396
-
SHA1
332c329bef70840dc3879681add2ea63af557ab7
-
SHA256
885ada1f9058f05120771460687807b13b162b8d8eeaf82bd68493fc4136aa4f
-
SHA512
832f19890484e7b150d72f2ca721349a32f108f5c3441c173eeeb2bc3a330fc872df3678f4ef964281f990a9e5c0939ac4b3bd07720c32cf2dfdc63976aee0ac
-
SSDEEP
12288:yqjvrGY4zzIioVtyqjpFGqTdVUXkb6Optjn7QV5sOzHVr:yEixzzIljpN7Tb6OptjnsoOz1
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource HCPreview.dll
Files
-
HCPreview.dll.dll windows:6 windows x86 arch:x86
1a092767992354cca482d14d588d570e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
hccore
?Start@CMemberBase@NetSDK@@UAEHPAX@Z
?Stop@CMemberBase@NetSDK@@UAEHXZ
??1CMemberMgrBase@NetSDK@@UAE@XZ
?CheckResource@CMemberMgrBase@NetSDK@@UAEHXZ
Core_WriteLogStr
COM_GetLastError
_Core_SetLastError@4
_Core_NewArray@4
_Core_DelArray@4
_Core_SetProSysFunc@4
_Core_Assert@0
??1CModuleSession@NetSDK@@UAE@XZ
?CheckResource@CModuleSession@NetSDK@@UAEHXZ
?Start@CModuleSession@NetSDK@@UAEHPAX@Z
?Stop@CModuleSession@NetSDK@@UAEHXZ
??1CModuleMgrBase@NetSDK@@UAE@XZ
?CheckResource@CModuleMgrBase@NetSDK@@UAEHXZ
??1CCtrlBase@NetSDK@@UAE@XZ
??1CLongLinkCtrl@NetSDK@@UAE@XZ
?StartRecvThread@CLongLinkCtrl@NetSDK@@QAEHP6AHPAXPBXII@Z0@Z
?CreateLink@CLongLinkCtrl@NetSDK@@QAEHIW4tagInterLinkTypeEnum@@PBUtagLinkCondSimple@@@Z
?DestroyLink@CLongLinkCtrl@NetSDK@@QAEHXZ
?GetLink@CLongLinkCtrl@NetSDK@@QAEPAXXZ
?SendNakeData@CLongLinkCtrl@NetSDK@@QAEHPBU__DATA_BUF@@I@Z
_Core_ProcessProErrorCode@8
?HasCreateLink@CLongLinkCtrl@NetSDK@@QAEHXZ
?GetLocalIPInfo@CLongLinkCtrl@NetSDK@@QAEHPAUtagProIPAddrInfo@@@Z
??0CNpqInterface@NetSDK@@QAE@XZ
??1CNpqInterface@NetSDK@@QAE@XZ
?LoadNpqLib@CNpqInterface@NetSDK@@SAHXZ
?UnloadNpqLib@CNpqInterface@NetSDK@@SAHXZ
?StartNpqService@CNpqInterface@NetSDK@@QAEHW4NPQ_QOS_ROLE@@IP6GXHHPAEIPAX@Z2PAD@Z
?StopNpqService@CNpqInterface@NetSDK@@QAEHXZ
?InputData@CNpqInterface@NetSDK@@QAEHHPAEI@Z
?GetState@CNpqInterface@NetSDK@@QAEHW4NPQ_MAIN_TYPE@@PAUNPQ_STAT@@@Z
?SetNotifyParam@CNpqInterface@NetSDK@@QAEHPAUNPQ_SET_NOTIFY_PARAM@@@Z
_COM_ReLogin@4
_Core_GetProInfo@8
_PRO_SendProDataWithRecv@16
_PRO_SendProDataWithoutRecv@12
_Core_GetDVRConfigWithoutPassthrough@24
_Core_GetSysLastError@0
_Core_SetValidIP@8
_Core_UpdataIP@0
??0CLongLinkCtrl@NetSDK@@QAE@H@Z
?StartPush@CLongLinkCtrl@NetSDK@@QAEHPBUtagPushLongLinkParams@2@@Z
??2CObjectBase@NetSDK@@SAPAXIW4tagMemoryClass@@@Z
??3CObjectBase@NetSDK@@SAXPAXW4tagMemoryClass@@@Z
_Core_IsIPv6@4
_Core_ISAPIUserExchange@8
_Core_GetIPInfo@12
_Core_GetUNAndPW@20
_Core_GetDevSupport2@4
??0CXmlBase@NetSDK@@QAE@XZ
??1CXmlBase@NetSDK@@QAE@XZ
?Parse@CXmlBase@NetSDK@@QAEPBXPBD@Z
?FindElem@CXmlBase@NetSDK@@QAE_NPBD@Z
?GetData@CXmlBase@NetSDK@@QBEPBDXZ
?IntoElem@CXmlBase@NetSDK@@QAE_NXZ
?OutOfElem@CXmlBase@NetSDK@@QAE_NXZ
?NextSibElem@CXmlBase@NetSDK@@QAE_NXZ
??0CObjectBase@NetSDK@@QAE@XZ
_Core_RigisterTimerProxy@8
_Core_UnRigisterTimerProxy@8
_Core_MsgOrCallBack@16
_Core_GetReconnect@8
_Core_GetTimeoutLimitDependsOnNetwork@0
?EnableRecvCallBack@CLongLinkCtrl@NetSDK@@QAEHH@Z
?SendCommandWithoutRecv@CLongLinkCtrl@NetSDK@@QAEHIPBU__DATA_BUF@@@Z
?ResumeRecvThread@CLongLinkCtrl@NetSDK@@QAEHXZ
?CommandEnlargeBufferSize@CLongLinkCtrl@NetSDK@@QAEHII@Z
_Core_SC_CreateStreamConvert@0
_Core_SC_DestroyStreamConvert@4
_Core_SC_LoadConvertLib@0
_Core_SC_UnloadConvertLib@0
?Stop@CLongLinkCtrl@NetSDK@@QAEHXZ
?CreateLinkEx@CLongLinkCtrl@NetSDK@@QAEHIW4tagInterLinkTypeEnum@@PBUtagLinkCondSimpleEx@@@Z
?SetLastCallbackFlag@CLongLinkCtrl@NetSDK@@QAEXH@Z
_COM_CheckNeedReLoginByState@4
_Core_ConvertCmdStatusToErrorCode@4
?CloseSocket@CLongLinkCtrl@NetSDK@@QAEXXZ
_Core_RTSP_UnloadTransUnitLib@0
COM_Core_Init
COM_Core_Fini
_Core_CreateTimerProxy@4
_Core_DestroryTimerProxy@4
_Core_SetPreviewStreamMax@4
_Core_GetModuleRecvTime@4
??0CCtrlBase@NetSDK@@QAE@XZ
?CheckResource@CMemberBase@NetSDK@@UAEHXZ
_Core_SetRemoteCtrlCB@8
_COM_SetProcessCB@8
_Core_RTSP_GetTransUnitMgr@0
_Core_RTSP_LoadTransUnitLib@0
_Core_RTSP_SetRTSPRecvTimeout@8
_Core_GetTcpPort@4
_Core_ResuseTcpPort@4
_Core_GetUdpPort@4
_Core_ResuseUdpPort@4
_Core_IsTcpPortBindEnabled@0
_Core_IsUdpPortBindEnabled@0
_Core_Encode_Base64@12
??0CMultiThreadControl@NetSDK@@QAE@XZ
??1CMultiThreadControl@NetSDK@@QAE@XZ
?CheckResource@CMultiThreadControl@NetSDK@@QAEHXZ
?SignalToFreeze@CMultiThreadControl@NetSDK@@QAEXXZ
?NoMoreCheck@CMultiThreadControl@NetSDK@@QAEXXZ
?Freeze@CMultiThreadControl@NetSDK@@QAEXXZ
?Unfreeze@CMultiThreadControl@NetSDK@@QAEXXZ
?CheckFreeze@CMultiThreadControl@NetSDK@@QAEXXZ
??0CCoreSignal@NetSDK@@QAE@XZ
??1CCoreSignal@NetSDK@@QAE@XZ
?Create@CCoreSignal@NetSDK@@QAEHXZ
?Post@CCoreSignal@NetSDK@@QAEHXZ
?TimedWait@CCoreSignal@NetSDK@@QAEHI@Z
?Destroy@CCoreSignal@NetSDK@@QAEHXZ
COM_GetSDKLocalCfg
_Core_GetUserType@4
_Core_LoadDSo@4
_Core_GetCapturePictureMode@4
_Core_CreateSoftPlayerInstance@0
_Core_DestroySoftPlayerInstance@4
_Core_CreateHardPlayerInstance@4
_Core_DestroyHardPlayerInstance@4
_COM_GetStreamSecretKey@8
_Core_Analyze_Create@0
_Core_Analyze_Destroy@4
_Core_GetDevSupport4@4
_Core_GetDevSupport5@4
?GetMember@CMemberMgrBase@NetSDK@@QAEPAVCMemberBase@2@H@Z
?LockMember@CMemberMgrBase@NetSDK@@QBEHH@Z
?UnlockMember@CMemberMgrBase@NetSDK@@QBEHH@Z
_Core_GetDefaultRecvTimeOut@0
_Core_SetSoundShare@4
_Core_IsSoundShare@0
_Core_CloseSound@0
_Core_SetCapturePictureMode@4
??0CUseCountAutoDec@NetSDK@@QAE@PAH@Z
??1CUseCountAutoDec@NetSDK@@QAE@XZ
?Init@CCtrlBase@NetSDK@@QAEHXZ
?Fini@CCtrlBase@NetSDK@@QAEHXZ
?CheckInit@CCtrlBase@NetSDK@@QAEHXZ
?GetUseCount@CCtrlBase@NetSDK@@QAEPAHXZ
_Core_SimpleCommandToDvr@36
_Core_SimpleCommandToDvrEx@32
_Core_SimpleCommandToDvr_WithoutRecv@24
COM_User_CheckID
_Core_GetDevProVer@4
_Core_GetDevSupport1@4
_Core_GetDevSupportFromArr@8
_Core_InitDevice_Card@4
_Core_ReleaseDevice_Card@0
_Core_InitDDraw_Card@8
_Core_ReleaseDDraw_Card@0
_Core_RefreshSurface_Card@0
_Core_ClearSurface_Card@0
_Core_RestoreSurface_Card@0
_Core_GetSerialNum_Card@8
_Core_GetCardLastError_Card@0
_Core_SetDspErrMsg_Card@8
_Core_ResetDSP_Card@4
?AllocIndex@CMemberMgrBase@NetSDK@@IAEHP6GPAVCMemberBase@2@PBX@Z0PAX@Z
?FreeIndex@CMemberMgrBase@NetSDK@@IAEHHH@Z
_Core_PreviewMessageCallBack@12
_Core_SplittingSend@12
??0CModuleMgrBase@NetSDK@@QAE@IW4tagModuleType@@@Z
?GetMemberIndex@CMemberBase@NetSDK@@QAEHXZ
_Core_GetStreamPort@16
_Core_GetPushModeParam@4
??0CModuleSession@NetSDK@@QAE@XZ
?SetUserID@CModuleSession@NetSDK@@QAEHH@Z
?GetUserID@CModuleSession@NetSDK@@QAEHXZ
_Core_GetStreamInfo@8
_Core_GetDeviceMultiStreamProtocol@4
_Core_GetDevSupport@8
_Core_GetDevSupport3@4
_Core_IsDevLogin@4
_Core_SupportSDKPreview@4
??1CMemberBase@NetSDK@@UAE@XZ
??3CObjectBase@NetSDK@@SAXPAX@Z
_Core_SetDVRCfgCB@8
??1CObjectBase@NetSDK@@UAE@XZ
hccoredevcfg
_Core_Ipv4_6Convert@16
_Core_GetPTZCruise@16
COM_CoreDevCfg_Fini
_Core_VcaPointConvert@12
_g_fConPtzPosCfg@12
COM_CoreDevCfg_Init
kernel32
DeleteCriticalSection
WideCharToMultiByte
Sleep
MultiByteToWideChar
GetProcAddress
GlobalMemoryStatusEx
GetSystemInfo
GetModuleHandleA
OutputDebugStringA
SetPriorityClass
TlsGetValue
GetCurrentProcess
WaitForSingleObject
TlsSetValue
SetThreadPriority
GetCurrentThreadId
TlsAlloc
CloseHandle
TlsFree
SuspendThread
ResumeThread
FreeLibrary
LoadLibraryExA
CreateFileA
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
CreateDirectoryA
EnterCriticalSection
GetLastError
RemoveDirectoryA
CopyFileA
FindClose
GetFileType
MoveFileA
GetModuleFileNameA
FindNextFileA
GetFileInformationByHandle
LocalFree
DeleteFileA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
QueryPerformanceFrequency
FileTimeToLocalFileTime
LoadLibraryA
SetWaitableTimer
SetEvent
CreateEventA
ResetEvent
WaitForMultipleObjects
CreateWaitableTimerA
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
CreateSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
FindFirstFileA
CreateFileW
WriteConsoleW
SetStdHandle
ReadConsoleW
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
HeapReAlloc
MoveFileExW
GetFileAttributesExW
GetOEMCP
GetACP
IsValidCodePage
SetEnvironmentVariableA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetStdHandle
GetProcessHeap
GetCurrentThread
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetModuleHandleW
GetStartupInfoW
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer
DecodePointer
GetStringTypeW
RaiseException
RtlUnwind
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
CreateThread
ExitThread
LoadLibraryExW
AreFileApisANSI
FatalAppExitA
GetCPInfo
advapi32
CryptAcquireContextA
GetSecurityInfo
CryptGenRandom
ws2_32
WSAIoctl
WSARecv
WSASend
WSARecvFrom
WSASendTo
select
ioctlsocket
connect
WSAStartup
recvfrom
WSAGetLastError
shutdown
setsockopt
sendto
WSACleanup
recv
bind
__WSAFDIsSet
WSASetLastError
closesocket
send
getsockopt
listen
accept
gethostname
ntohl
htonl
getaddrinfo
htons
ntohs
freeaddrinfo
gethostbyname
socket
rpcrt4
UuidCreate
winmm
timeEndPeriod
timeSetEvent
timeKillEvent
timeBeginPeriod
mswsock
AcceptEx
Exports
Exports
??0CAnalyzeDataInterface@NetSDK@@QAE@ABV01@@Z
??0CAnalyzeDataInterface@NetSDK@@QAE@XZ
??0CCtrlBase@NetSDK@@QAE@ABV01@@Z
??0CLongLinkCtrl@NetSDK@@QAE@ABV01@@Z
??0CMemberBase@NetSDK@@QAE@ABV01@@Z
??0CMemberMgrBase@NetSDK@@QAE@ABV01@@Z
??0CModuleMgrBase@NetSDK@@QAE@ABV01@@Z
??0CModuleSession@NetSDK@@QAE@ABV01@@Z
??0CObjectBase@NetSDK@@QAE@ABV01@@Z
??0CStreamConvertInterface@NetSDK@@QAE@ABV01@@Z
??0CStreamConvertInterface@NetSDK@@QAE@XZ
??0CTransUnitMgrInterface@NetSDK@@QAE@ABV01@@Z
??0CTransUnitMgrInterface@NetSDK@@QAE@XZ
??0IPlayerInterface@@QAE@ABV0@@Z
??0IPlayerInterface@@QAE@XZ
??1CAnalyzeDataInterface@NetSDK@@UAE@XZ
??1CStreamConvertInterface@NetSDK@@UAE@XZ
??1CTransUnitMgrInterface@NetSDK@@UAE@XZ
??1IPlayerInterface@@UAE@XZ
??4CAnalyzeDataInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CCoreSignal@NetSDK@@QAEAAV01@ABV01@@Z
??4CCtrlBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CLongLinkCtrl@NetSDK@@QAEAAV01@ABV01@@Z
??4CMemberBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CMemberMgrBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CModuleMgrBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CModuleSession@NetSDK@@QAEAAV01@ABV01@@Z
??4CMultiThreadControl@NetSDK@@QAEAAV01@ABV01@@Z
??4CNpqInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CObjectBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CRWLockInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CStreamConvertInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CTransUnitMgrInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CUseCountAutoDec@NetSDK@@QAEAAV01@ABV01@@Z
??4CXmlBase@NetSDK@@QAEAAV01@ABV01@@Z
??4IPlayerInterface@@QAEAAV0@ABV0@@Z
??_7CAnalyzeDataInterface@NetSDK@@6B@
??_7CCtrlBase@NetSDK@@6B@
??_7CLongLinkCtrl@NetSDK@@6B@
??_7CMemberBase@NetSDK@@6B@
??_7CMemberMgrBase@NetSDK@@6B@
??_7CModuleMgrBase@NetSDK@@6B@
??_7CModuleSession@NetSDK@@6B@
??_7CObjectBase@NetSDK@@6B@
??_7CStreamConvertInterface@NetSDK@@6B@
??_7CTransUnitMgrInterface@NetSDK@@6B@
??_7IPlayerInterface@@6B@
COM_AudioPreview_Card
COM_CaptureJPEGPicture
COM_CaptureJPEGPicture_NEW
COM_CapturePicture
COM_CapturePictureBlock
COM_CapturePictureBlockNew
COM_CapturePicture_Card
COM_CapturePicture_V50
COM_ClearSurface_Card
COM_ClientGetVideoEffect
COM_ClientSetVideoEffect
COM_ClosePreview
COM_CloseSound
COM_CloseSoundShare
COM_CloseSound_Card
COM_GetCardLastError_Card
COM_GetChanHandle_Card
COM_GetDDrawDeviceTotalNums
COM_GetNPQStat
COM_GetPTZCruise
COM_GetPTZCtrl
COM_GetPTZCtrl_Other
COM_GetPTZProtocol
COM_GetRealPlayOsdTime
COM_GetRealPlayerIndex
COM_GetSerialNum_Card
COM_GetVideoEffect
COM_InitDDrawDevice
COM_InitDDraw_Card
COM_InitDevice_Card
COM_MakeKeyFrame
COM_MakeKeyFrameSub
COM_OpenSound
COM_OpenSoundShare
COM_OpenSound_Card
COM_PTZControl
COM_PTZControlWithSpeed
COM_PTZControlWithSpeed_EX
COM_PTZControlWithSpeed_Other
COM_PTZControl_EX
COM_PTZControl_Other
COM_PTZCruise
COM_PTZCruise_EX
COM_PTZCruise_Other
COM_PTZPreset
COM_PTZPreset_EX
COM_PTZPreset_Other
COM_PTZSelZoomIn
COM_PTZSelZoomIn_EX
COM_PTZTrack
COM_PTZTrack_EX
COM_PTZTrack_Other
COM_PreviewRequest
COM_Preview_Fini
COM_Preview_GetSDKBuildVersion
COM_Preview_Init
COM_RealPlayPause
COM_RealPlayRestart
COM_RealPlay_Card
COM_RefreshSurface_Card
COM_ReleaseDDrawDevice
COM_ReleaseDDraw_Card
COM_ReleaseDevice_Card
COM_RenderPrivateData
COM_RenderPrivateDataEx
COM_ResetDSP_Card
COM_ResetPara_Card
COM_RestoreSurface_Card
COM_RigisterDrawFun
COM_SaveRealData
COM_SetAudioMode
COM_SetCapturePictureMode
COM_SetDDrawDevice
COM_SetDspErrMsg_Card
COM_SetESCallBack
COM_SetESRealPlayCallBack
COM_SetNotifyParam
COM_SetPlayerBufNumber
COM_SetRealDataCallBack
COM_SetShowMode
COM_SetStandardDataCallBack
COM_SetVideoEffect
COM_SetVolume_Card
COM_StartRealPlay
COM_StartRealPlaySpecial
COM_StopRealPlay
COM_StopSaveRealData
COM_ThrowBFrame
COM_TransPTZ
COM_TransPTZ_EX
COM_TransPTZ_Other
COM_Volume
COM_ZeroMakeKeyFrame
COM_ZeroStartPlay
COM_ZeroStopPlay
COM_ZeroTurnOver
_Inter_PTZSelZoomIn_EX@12
Sections
.text Size: 480KB - Virtual size: 479KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 952B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ