HCVoiceTalk[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

HCVoiceTalk.dll
Size

587KB
MD5

a1788e8f16f90703b8c530a4a51430ff
SHA1

8429f6bd71676325cf4b31e7b352f7afb0fe933f
SHA256

7b96b9d9a7bd4704141ac8a6f7541003c26e1c6f6f566f55e0f7913fe44836eb
SHA512

863e8c61c024b01006a6326f5d318a44af02d09cb00cd6d0adc3b9bc6a71bcef6b50f26185b6532e2881847199a91e3097982d1660dce38d0337e32f972cd037
SSDEEP

12288:ir7ZXfi+aZyr7wDmdQsF4/UcmqC8pi999ybcNE27yVULo+gZlHAG0Fdjk/cuaiD8:ir7ZXL2/+4ZlHWdAku9XJG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HCVoiceTalk.dll

Files

HCVoiceTalk.dll
.dll windows:6 windows x86 arch:x86

34d7e4b3a0d108dd1fa62a0fc4f58b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\APP_Package_SDK_Windows32\common\HCNetSDK\VS2013\lib\win32\HCNetSDKCom\HCVoiceTalk.pdb

Imports

hccore

?Start@CMemberBase@NetSDK@@UAEHPAX@Z
?Stop@CMemberBase@NetSDK@@UAEHXZ
??1CMemberMgrBase@NetSDK@@UAE@XZ
?CheckResource@CMemberMgrBase@NetSDK@@UAEHXZ
Core_WriteLogStr
_Core_SetLastError@4
_Core_GetSysLastError@0
_Core_LoadDSo@4
??1CModuleSession@NetSDK@@UAE@XZ
?CheckResource@CModuleSession@NetSDK@@UAEHXZ
?Start@CModuleSession@NetSDK@@UAEHPAX@Z
?Stop@CModuleSession@NetSDK@@UAEHXZ
??1CModuleMgrBase@NetSDK@@UAE@XZ
?CheckResource@CModuleMgrBase@NetSDK@@UAEHXZ
??1CCtrlBase@NetSDK@@UAE@XZ
??1CLongLinkCtrl@NetSDK@@UAE@XZ
??2CObjectBase@NetSDK@@SAPAXIW4tagMemoryClass@@@Z
??3CObjectBase@NetSDK@@SAXPAXW4tagMemoryClass@@@Z
?GetMemberIndex@CMemberBase@NetSDK@@QAEHXZ
?GetMember@CMemberMgrBase@NetSDK@@QAEPAVCMemberBase@2@H@Z
?LockMember@CMemberMgrBase@NetSDK@@QBEHH@Z
?UnlockMember@CMemberMgrBase@NetSDK@@QBEHH@Z
?AllocIndex@CMemberMgrBase@NetSDK@@IAEHP6GPAVCMemberBase@2@PBX@Z0PAX@Z
?FreeIndex@CMemberMgrBase@NetSDK@@IAEHHH@Z
_Core_ConvertCommandStatusToErrorCode@4
_Core_NewArray@4
_Core_DelArray@4
_Core_SetProSysFunc@4
_Core_MsgOrCallBack@16
_Core_Assert@0
_Core_GetNetworkEnvironment@4
_Core_GetTimeoutLimitDependsOnNetwork@0
??0CModuleSession@NetSDK@@QAE@XZ
?SetUserID@CModuleSession@NetSDK@@QAEHH@Z
?GetUserID@CModuleSession@NetSDK@@QAEHXZ
??0CModuleMgrBase@NetSDK@@QAE@IW4tagModuleType@@@Z
??0CCoreSignal@NetSDK@@QAE@XZ
??1CCoreSignal@NetSDK@@QAE@XZ
?Create@CCoreSignal@NetSDK@@QAEHXZ
?Post@CCoreSignal@NetSDK@@QAEHXZ
?TimedWait@CCoreSignal@NetSDK@@QAEHI@Z
?Destroy@CCoreSignal@NetSDK@@QAEHXZ
_Core_SimpleCommandToDvr@36
??0CLongLinkCtrl@NetSDK@@QAE@H@Z
?CheckResource@CMemberBase@NetSDK@@UAEHXZ
?HasCreateLink@CLongLinkCtrl@NetSDK@@QAEHXZ
?StartSendThread@CLongLinkCtrl@NetSDK@@QAEHP6GPAXPAX@Z0@Z
?StartRecvThread@CLongLinkCtrl@NetSDK@@QAEHP6AHPAXPBXII@Z0@Z
?StopSendThread@CLongLinkCtrl@NetSDK@@QAEXXZ
?StopRecvThread@CLongLinkCtrl@NetSDK@@QAEXXZ
?CreateLink@CLongLinkCtrl@NetSDK@@QAEHIW4tagInterLinkTypeEnum@@PBUtagLinkCondSimple@@@Z
?DestroyLink@CLongLinkCtrl@NetSDK@@QAEHXZ
?GetLink@CLongLinkCtrl@NetSDK@@QAEPAXXZ
?SendNakeData@CLongLinkCtrl@NetSDK@@QAEHPBU__DATA_BUF@@I@Z
?ResumeRecvThread@CLongLinkCtrl@NetSDK@@QAEHXZ
?GetLocalIPInfo@CLongLinkCtrl@NetSDK@@QAEHPAUtagProIPAddrInfo@@@Z
?SetRecvTimeout@CLongLinkCtrl@NetSDK@@QAEXI@Z
?CommandEnlargeBufferSize@CLongLinkCtrl@NetSDK@@QAEHII@Z
??0CCycleBuffer@NetSDK@@QAE@I@Z
??1CCycleBuffer@NetSDK@@UAE@XZ
?Write@CCycleBuffer@NetSDK@@QAEHPBDI@Z
?Read@CCycleBuffer@NetSDK@@QAEHPAEI@Z
_Core_GetProInfo@8
_Core_GetDevInfo@8
?GetMaxMemberNum@CMemberMgrBase@NetSDK@@QAEIXZ
_Core_ConvertCmdStatusToErrorCode@4
?ForceStopByUserID@CModuleMgrBase@NetSDK@@QAEHH@Z
_COM_ReLogin@4
_COM_CheckNeedReLoginByState@4
COM_User_CheckID
_Core_GetDevProVer@4
COM_Core_Init
COM_Core_Fini
_Core_VoiceMessageCallBack@16
_Core_GetPushModeParam@4
_Core_SplittingSend@12
??0CCtrlBase@NetSDK@@QAE@XZ
?Lock@CCtrlBase@NetSDK@@QAEHXZ
?UnLock@CCtrlBase@NetSDK@@QAEHXZ
_COM_SetProcessCB@8
_PRO_SendProDataWithRecv@16
_Core_GetDevSupportFromArr@8
_Core_StrtoIpv4@4
??0CUseCountAutoDec@NetSDK@@QAE@PAH@Z
??1CUseCountAutoDec@NetSDK@@QAE@XZ
?Init@CCtrlBase@NetSDK@@QAEHXZ
?Fini@CCtrlBase@NetSDK@@QAEHXZ
?CheckInit@CCtrlBase@NetSDK@@QAEHXZ
?GetUseCount@CCtrlBase@NetSDK@@QAEPAHXZ
??1CMemberBase@NetSDK@@UAE@XZ
??3CObjectBase@NetSDK@@SAXPAX@Z
?StartPush@CLongLinkCtrl@NetSDK@@QAEHPBUtagPushLongLinkParams@2@@Z
??1CObjectBase@NetSDK@@UAE@XZ

hccoredevcfg

COM_CoreDevCfg_Fini
COM_CoreDevCfg_Init

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
Sleep
MultiByteToWideChar
GlobalMemoryStatusEx
GetSystemInfo
GetModuleHandleA
OutputDebugStringA
SetPriorityClass
TlsGetValue
GetCurrentProcess
WaitForSingleObject
TlsSetValue
SetThreadPriority
GetCurrentThreadId
TlsAlloc
CloseHandle
TlsFree
SuspendThread
ResumeThread
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
QueryPerformanceFrequency
TryEnterCriticalSection
SetWaitableTimer
SetEvent
CreateEventA
GetLastError
ResetEvent
WaitForMultipleObjects
CreateWaitableTimerA
GetQueuedCompletionStatus
WriteFile
ReadFile
PostQueuedCompletionStatus
CreateIoCompletionPort
CreateSemaphoreA
ReleaseSemaphore
CreateFileA
SetFilePointer
FlushFileBuffers
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
CopyFileA
FindClose
GetFileType
MoveFileA
GetModuleFileNameA
FindNextFileA
GetFileInformationByHandle
LocalFree
DeleteFileA
LoadLibraryExA
GetProcAddress
FileTimeToLocalFileTime
FreeLibrary
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
SetStdHandle
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
HeapReAlloc
GetFileAttributesExW
MoveFileExW
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameW
GetStdHandle
GetProcessHeap
GetCurrentThread
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetModuleHandleW
GetStartupInfoW
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
EncodePointer
DecodePointer
GetStringTypeW
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
LoadLibraryExW
AreFileApisANSI
FatalAppExitA
VirtualQuery

advapi32

CryptGenRandom
GetSecurityInfo
CryptAcquireContextA

ws2_32

WSAIoctl
WSARecv
WSASend
WSASendTo
select
ioctlsocket
connect
WSAStartup
recvfrom
WSAGetLastError
shutdown
WSARecvFrom
sendto
WSACleanup
recv
bind
socket
__WSAFDIsSet
WSASetLastError
closesocket
send
getsockopt
listen
accept
gethostname
ntohl
htonl
getaddrinfo
htons
ntohs
freeaddrinfo
gethostbyname
setsockopt

rpcrt4

UuidCreate

winmm

timeSetEvent
timeEndPeriod
timeKillEvent
timeBeginPeriod

mswsock

AcceptEx

Exports

Exports

??0CCtrlBase@NetSDK@@QAE@ABV01@@Z
??0CCycleBuffer@NetSDK@@QAE@ABV01@@Z
??0CLongLinkCtrl@NetSDK@@QAE@ABV01@@Z
??0CMemberBase@NetSDK@@QAE@ABV01@@Z
??0CMemberMgrBase@NetSDK@@QAE@ABV01@@Z
??0CModuleMgrBase@NetSDK@@QAE@ABV01@@Z
??0CModuleSession@NetSDK@@QAE@ABV01@@Z
??0CObjectBase@NetSDK@@QAE@ABV01@@Z
??0CTransUnitMgrInterface@NetSDK@@QAE@ABV01@@Z
??0CTransUnitMgrInterface@NetSDK@@QAE@XZ
??1CTransUnitMgrInterface@NetSDK@@UAE@XZ
??4CCoreSignal@NetSDK@@QAEAAV01@ABV01@@Z
??4CCtrlBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CCycleBuffer@NetSDK@@QAEAAV01@ABV01@@Z
??4CLongLinkCtrl@NetSDK@@QAEAAV01@ABV01@@Z
??4CMemberBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CMemberMgrBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CModuleMgrBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CModuleSession@NetSDK@@QAEAAV01@ABV01@@Z
??4CMultiThreadControl@NetSDK@@QAEAAV01@ABV01@@Z
??4CObjectBase@NetSDK@@QAEAAV01@ABV01@@Z
??4CRWLockInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CTransUnitMgrInterface@NetSDK@@QAEAAV01@ABV01@@Z
??4CUseCountAutoDec@NetSDK@@QAEAAV01@ABV01@@Z
??_7CCtrlBase@NetSDK@@6B@
??_7CCycleBuffer@NetSDK@@6B@
??_7CLongLinkCtrl@NetSDK@@6B@
??_7CMemberBase@NetSDK@@6B@
??_7CMemberMgrBase@NetSDK@@6B@
??_7CModuleMgrBase@NetSDK@@6B@
??_7CModuleSession@NetSDK@@6B@
??_7CObjectBase@NetSDK@@6B@
??_7CTransUnitMgrInterface@NetSDK@@6B@
COM_AddDVR
COM_AddDVR_V30
COM_ClientAudioStart
COM_ClientAudioStart_V30
COM_ClientAudioStop
COM_DecodeG711Frame
COM_DecodeG722Frame
COM_DecodeG726Frame
COM_DelDVR
COM_DelDVR_V30
COM_EncodeG711Frame
COM_EncodeG722Frame
COM_EncodeG726Frame
COM_GetCurrentAudioCompress
COM_GetCurrentAudioCompress_V50
COM_InitG722Decoder
COM_InitG722Encoder
COM_InitG726Decoder
COM_InitG726Encoder
COM_ReleaseG722Decoder
COM_ReleaseG722Encoder
COM_ReleaseG726Decoder
COM_ReleaseG726Encoder
COM_SetVoiceComClientVolume
COM_SetVoiceDataCallBack
COM_StartVoiceCom
COM_StartVoiceCom_MR
COM_StartVoiceCom_MR_V30
COM_StartVoiceCom_V30
COM_StopVoiceCom
COM_VoiceComSendData
COM_VoiceRequest
COM_VoiceTalk_Fini
COM_VoiceTalk_GetSDKBuildVersion
COM_VoiceTalk_Init

Sections

.text
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34d7e4b3a0d108dd1fa62a0fc4f58b27

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hccore

hccoredevcfg

kernel32

advapi32

ws2_32

rpcrt4

winmm

mswsock

Exports

Exports

Sections

.text Size: 449KB - Virtual size: 449KB

.rdata Size: 78KB - Virtual size: 78KB

.data Size: 35KB - Virtual size: 1.1MB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 449KB - Virtual size: 449KB

.rdata
Size: 78KB - Virtual size: 78KB

.data
Size: 35KB - Virtual size: 1.1MB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 22KB - Virtual size: 21KB