avicap32[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

avicap32.dll
Size

76KB
MD5

8121642a1c232096a31e01f70c9ff961
SHA1

db548f14a7d668dab01b7f1e6f3442d26f3b1121
SHA256

d3983abcd130a47ee33b0dc9d3d90fa975cf26f31a3d6d5d3d65fcc7e7ce9a3d
SHA512

50a8259593d63b3dbe7ea0719ec60dc40a5387d1bfce6dff331076f2965e04ff6a99ec219674a5718339c0cc5fe56d0d95643b6ae922f5db3d4c95706096b2da
SSDEEP

1536:RPAaYd0nkNCzaljtwihDEwGApxxHGKyUejgedfQuwPrfWrf7VUJ:XojCSWih4BAbxsUmgetc61UJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
avicap32.dll

Files

avicap32.dll
.dll windows:6 windows x64 arch:x64

164a8b9dc1c15d9850701acebd4821d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

avicap32.pdb

Imports

msvcrt

_vsnprintf
memmove
atoi
_XcptFilter
free
malloc
_initterm
__C_specific_handler
_vsnwprintf
_amsg_exit
memcpy
memset

user32

GetClipboardData
EqualRect
SetWindowLongPtrW
SendMessageW
DefWindowProcW
MessageBeep
PeekMessageW
SetCursor
CloseClipboard
GetClientRect
GetDC
GetAsyncKeyState
SetRect
BeginPaint
ReleaseDC
EmptyClipboard
OpenClipboard
MessageBoxW
UpdateWindow
SetClipboardData
UnregisterClassW
GetParent
LoadCursorW
GetWindowLongPtrW
GetClassInfoW
LoadStringW
CreateWindowExW
RegisterClassW
MsgWaitForMultipleObjects
KillTimer
SetTimer
ClientToScreen
EndPaint
DispatchMessageW
TranslateMessage
IsWindow
LoadStringA
PostMessageW
InvalidateRect

kernel32

GetDiskFreeSpaceW
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
GetModuleHandleW
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
GetACP
GetFileAttributesW
LeaveCriticalSection
InitializeCriticalSection
GetPrivateProfileStringW
GetProcessHeap
HeapFree
HeapAlloc
LocalUnlock
lstrcmpiW
DeleteFileW
GetProcAddress
GetLastError
GetOverlappedResult
lstrlenA
GlobalLock
GlobalAlloc
WideCharToMultiByte
LocalHandle
GetModuleFileNameW
MultiByteToWideChar
lstrlenW
GlobalUnlock
LocalLock
DisableThreadLibraryCalls
GlobalFree
LocalAlloc
LocalFree
FreeLibrary
QueryPerformanceCounter
WaitForSingleObject
SetEvent
GetCurrentThread
VirtualFree
MulDiv
SetThreadPriority
VirtualAlloc
GetLocalTime
GlobalMemoryStatusEx
CreateEventW
GlobalHandle
GetThreadPriority
QueryPerformanceFrequency
CloseHandle
GlobalReAlloc
CreateThread
GetFullPathNameW
GetFileSize
SetFilePointer
WriteFile
LoadLibraryW
CreateFileW

gdi32

GetDCOrgEx
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
GetClipBox
CreatePalette
DeleteObject
PatBlt
SelectObject
GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
GetStockObject
SetWindowOrgEx
RealizePalette

winmm

mmioClose
mmioSeek
mmioRead
mmioCreateChunk
mmioAscend
mmioDescend
mmioFlush
waveOutGetNumDevs
mciSendStringW
mmioOpenW
CloseDriver
OpenDriver
waveInStart
waveInStop
timeGetTime
waveInReset
waveInUnprepareHeader
waveInAddBuffer
waveInOpen
mmioWrite
waveInClose
SendDriverMessage
waveInPrepareHeader

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegCreateKeyW
RegOpenKeyW
RegQueryValueExW
RegEnumKeyW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

msvfw32

DrawDibGetPalette
ICSeqCompressFrameStart
ICCompressorChoose
ICSeqCompressFrame
ICSeqCompressFrameEnd
ICImageDecompress
DrawDibBegin
DrawDibClose
ICCompressorFree
DrawDibRealize
DrawDibOpen
DrawDibDraw

Exports

Exports

AppCleanup
capCreateCaptureWindowA
capCreateCaptureWindowW
capGetDriverDescriptionA
capGetDriverDescriptionW
videoThunk32

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

164a8b9dc1c15d9850701acebd4821d2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

winmm

advapi32

version

msvfw32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 1024B - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 1KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 52B

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 1KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 52B