StreamTransClient[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

StreamTransClient.dll
Size

626KB
MD5

3bdb752c2f72b203b1eee2679c232c97
SHA1

658a65e4278fa6f1ec49d8514d5620c9c83cbfd5
SHA256

d46a80135b647d098f464d8b2a52415af9f54bee98d60de4c5ee359e384a8d04
SHA512

ac84d3ee287e590c18360ce3f4ac99869d17c9ea1788f324895b363310d85449c183e0dc058c5271ad3b1df2663ca921c508283bb486de5a20ed3e193a6bacd2
SSDEEP

12288:ONF8pKLJf+nP/YjE1g6MQrm8hlVcVHmCPfI6nIIIIIIIIIIIIIIIIIIIIIIIIII3:ON6UJf+nPAw1g6xZKHmCPQMIIIIIIIIz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
StreamTransClient.dll

Files

StreamTransClient.dll
.dll windows:6 windows x86 arch:x86

6c3f8d0c99d784be303b533a1f8a6747

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\APP_Package_SDK_RTSP_Win32\lib\vc2013_staticHpr\StreamTransClient.pdb

Imports

kernel32

CreateSemaphoreA
ReleaseSemaphore
CloseHandle
SetPriorityClass
TlsGetValue
GetCurrentProcess
TlsSetValue
SetThreadPriority
GetCurrentThreadId
TlsAlloc
TlsFree
SuspendThread
ResumeThread
SetLastError
WideCharToMultiByte
Sleep
MultiByteToWideChar
GetProcAddress
GlobalMemoryStatusEx
GetSystemInfo
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
QueryPerformanceFrequency
FileTimeToLocalFileTime
GetQueuedCompletionStatus
WriteFile
ReadFile
PostQueuedCompletionStatus
WaitForSingleObject
FreeLibrary
LoadLibraryExA
LoadLibraryA
SetWaitableTimer
SetEvent
CreateEventA
ResetEvent
WaitForMultipleObjects
CreateWaitableTimerA
CreateFileA
SetFilePointer
FlushFileBuffers
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
CopyFileA
FindClose
GetFileType
MoveFileA
FindNextFileA
GetFileInformationByHandle
LocalFree
DeleteFileA
HeapAlloc
HeapFree
GetProcessHeap
ReleaseMutex
CreateMutexA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
GetModuleHandleA
GetModuleFileNameA
CreateIoCompletionPort
GetLastError
SetEndOfFile
OutputDebugStringW
SetConsoleCtrlHandler
HeapReAlloc
GetFileAttributesExW
MoveFileExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
SetStdHandle
GetModuleFileNameW
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThread
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetModuleHandleW
GetStartupInfoW
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
FatalAppExitA
AreFileApisANSI
IsProcessorFeaturePresent
IsDebuggerPresent
LoadLibraryExW
ExitThread
CreateThread
EncodePointer
DecodePointer
GetStringTypeW
RaiseException
RtlUnwind
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetCommandLineA

advapi32

InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid
AddAccessAllowedAce
GetSecurityInfo
SetSecurityDescriptorDacl

ws2_32

WSAIoctl
WSARecv
WSASend
WSARecvFrom
WSASendTo
gethostname
ntohl
htonl
getaddrinfo
freeaddrinfo
gethostbyname
getpeername
inet_addr
htons
ntohs
getsockname
ioctlsocket
connect
WSAStartup
recvfrom
WSAGetLastError
shutdown
setsockopt
sendto
WSACleanup
recv
socket
WSASetLastError
closesocket
send
getsockopt
listen
accept
select
__WSAFDIsSet
bind

rpcrt4

UuidCreate

winmm

timeEndPeriod
timeSetEvent
timeKillEvent
timeBeginPeriod

mswsock

AcceptEx

Exports

Exports

OPENSSL_Applink
StreamTransClient_ChangeRate
StreamTransClient_ChangeRateEx
StreamTransClient_CreateSession
StreamTransClient_CreateSessionEx
StreamTransClient_DestroySession
StreamTransClient_FiniLib
StreamTransClient_GetLastError
StreamTransClient_GetLastErrorByTls
StreamTransClient_InitLib
StreamTransClient_Pause
StreamTransClient_PauseEx
StreamTransClient_PlayEx
StreamTransClient_PrivateTrans
StreamTransClient_RandomPlay
StreamTransClient_RandomPlayEx
StreamTransClient_ResetDataCallBack
StreamTransClient_ResetDataCallBackEx
StreamTransClient_Resume
StreamTransClient_ResumeEx
StreamTransClient_SetBindPort
StreamTransClient_SetLocalIP
StreamTransClient_SetParams
StreamTransClient_SetRecvTimeout
StreamTransClient_SetTCPPortRange
StreamTransClient_SetUDPPortRange
StreamTransClient_SetUDPRetrans
StreamTransClient_SetWriteLogFun
StreamTransClient_Start
StreamTransClient_StartEx
StreamTransClient_Stop
_StreamTransClient_SetPortShare@4

Sections

.text
Size: 494KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c3f8d0c99d784be303b533a1f8a6747

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ws2_32

rpcrt4

winmm

mswsock

Exports

Exports

Sections

.text Size: 494KB - Virtual size: 493KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 10KB - Virtual size: 1.4MB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 494KB - Virtual size: 493KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 10KB - Virtual size: 1.4MB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 24KB - Virtual size: 24KB