51b668279c23d4771b71757f40053ceeccd1082c6fa30a347fd1c83dbd3c4be1

Sharing

Copy URL Twitter E-mail

General

Target

51b668279c23d4771b71757f40053ceeccd1082c6fa30a347fd1c83dbd3c4be1
Size

281KB
MD5

ebaaf911cb92b74f95fb9c9b0cde5199
SHA1

5fe0aca70eea5eea8441aecde3a653878e762026
SHA256

51b668279c23d4771b71757f40053ceeccd1082c6fa30a347fd1c83dbd3c4be1
SHA512

d832dd468a9c7dd21ff7d07afac1e04af500a17f264842789258bb3fca0603d74c222bb910f8f53a2e1c6f108d374085b50d8d0ecea9c8d7d50766f7199766b8
SSDEEP

3072:/qL3zXVbmZ/6wNLnyYm00V8frNbpQuFBUDqCivA8+NkauIxiv1osQhrQCQqIRmjT:i7zXgQwRnFhIQU67RlvyDh0RqIRV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51b668279c23d4771b71757f40053ceeccd1082c6fa30a347fd1c83dbd3c4be1

Files

51b668279c23d4771b71757f40053ceeccd1082c6fa30a347fd1c83dbd3c4be1
.exe windows:5 windows x86 arch:x86

e733476b6abc7fef01c80ca5168d2dd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\tools\face_project\guangxi\CameraShow\Release\CameraShow.pdb

Imports

seetafaceantispoofing104

?SetVideoFrameCount@FaceAntiSpoofing@v104@seeta@@QAEXH@Z
?SetThreshold@FaceAntiSpoofing@v104@seeta@@QAEXMM@Z
?Predict@FaceAntiSpoofing@v104@seeta@@QBE?AW4Status@123@ABUSeetaImageData@@ABUSeetaRect@@PBUSeetaPointF@@@Z
?GetPreFrameScore@FaceAntiSpoofing@v104@seeta@@QAEXPAM0@Z
?PredictVideo@FaceAntiSpoofing@v104@seeta@@QBE?AW4Status@123@ABUSeetaImageData@@ABUSeetaRect@@PBUSeetaPointF@@@Z
??1FaceAntiSpoofing@v104@seeta@@QAE@XZ
??0FaceAntiSpoofing@v104@seeta@@QAE@ABUSeetaModelSetting@@@Z

viplfacedetector510

??1FaceDetector@v510@seeta@@QAE@XZ
?Detect@FaceDetector@v510@seeta@@QBE?AUSeetaFaceInfoArray@@ABUSeetaImageData@@@Z
?SetVideoStable@FaceDetector@v510@seeta@@QAEX_N@Z
?SetMinFaceSize@FaceDetector@v510@seeta@@QAEXH@Z
?SetScoreThresh@FaceDetector@v510@seeta@@QAEXMMM@Z
?SetImagePyramidScaleFactor@FaceDetector@v510@seeta@@QAEXM@Z
??0FaceDetector@v510@seeta@@QAE@ABUSeetaModelSetting@@@Z

viplpointdetector500

??1PointDetector@v500@seeta@@QAE@XZ
?GetLandmarkNumber@PointDetector@v500@seeta@@QBEHXZ
?Detect@PointDetector@v500@seeta@@QBE_NABUSeetaImageData@@ABUSeetaRect@@PAUSeetaPointF@@@Z
??0PointDetector@v500@seeta@@QAE@ABUSeetaModelSetting@@@Z

facematch_dll

SetModelPathC
FaceTraceRGBMore

kernel32

FindNextFileW
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
DeleteFileW
SetEvent
WaitForSingleObject
Sleep
TerminateThread
CreateEventW
InitializeCriticalSection
CloseHandle
QueryPerformanceCounter
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
LockResource
FindResourceExW
OpenMutexW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetCommandLineW
LocalFree
GetTempPathW
RaiseException
DecodePointer
IsDebuggerPresent
OutputDebugStringW
GetStringTypeW
GetCPInfo
lstrcmpW
GetACP
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
RtlUnwind
IsProcessorFeaturePresent
GetModuleHandleExW
ExitProcess
ExitThread
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
VirtualQuery
VirtualProtect
VirtualAlloc
EncodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
WritePrivateProfileStringW
GetPrivateProfileStringW
FindFirstFileW
InterlockedExchange
LeaveCriticalSection
GetPrivateProfileIntW
GetCurrentProcess
LocalLock
MoveFileExW
GetLocalTime
FindClose
WriteFile
SetFilePointer
CreateDirectoryW
FormatMessageW
GetFileSize
FreeLibrary
EnterCriticalSection
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
GetFileType
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
LCMapStringW
SetFilePointerEx
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetOEMCP
LoadLibraryExW
GetModuleFileNameW
CreateFileW
GetModuleHandleW
GetProcAddress
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar

user32

MessageBoxW
GetDlgItem
GetWindowThreadProcessId
GetWindowTextW
GetClassNameW
IsWindowVisible
EnumWindows
ReleaseDC
FillRect
GetDC
GetClientRect
GetParent
SetRect
PostMessageW
GetWindowRect
MoveWindow
SetWindowPos
GetSystemMetrics
GetTopWindow
SetParent
DialogBoxParamW
IsWindow
FindWindowW
SetForegroundWindow
SetWindowLongW
EnableWindow
EndDialog
ShowWindow
SendDlgItemMessageW
SetWindowTextW
GetWindowLongW
LoadIconW
SendMessageW

ole32

CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

shell32

CommandLineToArgvW

oleaut32

VariantClear
VariantInit

shlwapi

PathIsRelativeW
PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecW
PathFindExtensionW
PathAddBackslashW
PathCombineW

gdi32

SetBkMode
CreateFontIndirectW
SetTextColor
SetDIBColorTable
SelectObject
GetDIBColorTable
StretchBlt
DeleteObject
TextOutW
SetStretchBltMode
CreateDIBSection
BitBlt
CreateCompatibleDC
DeleteDC
GetStockObject
GetObjectW

gdiplus

GdipCreateFromHDC
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipImageRotateFlip
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImageWidth
GdipGetImagePaletteSize

msimg32

TransparentBlt
AlphaBlend

dbghelp

MakeSureDirectoryPathExists

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e733476b6abc7fef01c80ca5168d2dd6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

seetafaceantispoofing104

viplfacedetector510

viplpointdetector500

facematch_dll

kernel32

user32

ole32

shell32

oleaut32

shlwapi

gdi32

gdiplus

msimg32

dbghelp

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 6KB - Virtual size: 16KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 180KB - Virtual size: 180KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 6KB - Virtual size: 16KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 9KB - Virtual size: 9KB