Overview

overview

7

Static

static

3

b450b0d72f...30.exe

windows7-x64

7

b450b0d72f...30.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...FC.dll

windows7-x64

3

$PLUGINSDI...FC.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

C:/Windows...20.dll

windows7-x64

3

C:/Windows...20.dll

windows10-2004-x64

3

CamControl.dll

windows7-x64

3

CamControl.dll

windows10-2004-x64

3

CleanAlerts.vbs

windows7-x64

1

CleanAlerts.vbs

windows10-2004-x64

1

ASP_receive.vbs

windows7-x64

1

ASP_receive.vbs

windows10-2004-x64

1

HTML_upload_test.html

windows7-x64

3

HTML_upload_test.html

windows10-2004-x64

3

IPCamera.dll

windows7-x64

3

IPCamera.dll

windows10-2004-x64

3

IPCamera_license.rtf

windows7-x64

4

IPCamera_license.rtf

windows10-2004-x64

1

LibAV/SDL.dll

windows7-x64

3

LibAV/SDL.dll

windows10-2004-x64

3

LibAV/avcodec-52.dll

windows7-x64

3

LibAV/avcodec-52.dll

windows10-2004-x64

3

LibAV/avdevice-52.dll

windows7-x64

3

LibAV/avdevice-52.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    b450b0d72fafc380cba26933fe82602b93b81c5b418e984a2485a3a39f511430.exe

  • Size

    20.1MB

  • MD5

    3962ff4528924e98019bf2b2e4e6605e

  • SHA1

    d800f8f77a3e56161cc3d74e5b49398063b9e355

  • SHA256

    b450b0d72fafc380cba26933fe82602b93b81c5b418e984a2485a3a39f511430

  • SHA512

    936041943eafc8ff2580cd35d7681acb7d987cb27c29c9456f66edb0776943488b6939a85ca5c3b969331f595290c59ba97a87fc045c681290e51f3c9086c028

  • SSDEEP

    393216:GHLQn4xY6dPLO9mAjoGOJLnXTe5s0/fflVtB2zth2fy3VYmtyNp:6xY6dPLmmeGJTXud/ffz2/2fyF1tyNp

Score
3/10

Malware Config

Signatures

  • Unsigned PE 32 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • b450b0d72fafc380cba26933fe82602b93b81c5b418e984a2485a3a39f511430.exe
    .exe windows:4 windows x86 arch:x86

    b1a57b635b23ffd553b3fd1e0960b2bd


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/DotNetChecker.dll
    .dll windows:6 windows x86 arch:x86

    b8c33ee490a63f9fe8a11c7af703ebf9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    738dc9bb91549f627cf1953c2000e1d6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    b97e796968a976ef8d35f255a7819e88


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SimpleFC.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    8abe046ef411de4d3e6e831b6b1ee264


    Headers

    Imports

    Exports

    Sections

  • C:/Windows/System32/ijl20.dll
    .dll windows:5 windows x86 arch:x86

    ec4078474fc1e926dd8e83a98eca1e66


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • CamControl.dll
    .dll windows:1 windows x86 arch:x86


    Headers

    Exports

    Sections

  • CleanAlerts.VBS
    .vbs
  • Countries/Thumbs.db
  • Countries/ae.gif
    .gif
  • Countries/af.gif
    .gif
  • Countries/al.gif
    .gif
  • Countries/am.gif
    .gif
  • Countries/an.gif
    .gif
  • Countries/ao.gif
    .gif
  • Countries/ar.gif
    .gif
  • Countries/at.gif
    .gif
  • Countries/au.gif
    .gif
  • Countries/aw.gif
    .gif
  • Countries/az.gif
    .gif
  • Countries/ba.gif
    .gif
  • Countries/bb.gif
    .gif
  • Countries/bd.gif
    .gif
  • Countries/be.gif
    .gif
  • Countries/bf.gif
    .gif
  • Countries/bg.gif
    .gif
  • Countries/bh.gif
    .gif
  • Countries/bi.gif
    .gif
  • Countries/bj.gif
    .gif
  • Countries/bm.gif
    .gif
  • Countries/bn.gif
    .gif
  • Countries/bo.gif
    .gif
  • Countries/br.gif
    .gif
  • Countries/bs.gif
    .gif
  • Countries/bt.gif
    .gif
  • Countries/bw.gif
    .gif
  • Countries/by.gif
    .gif
  • Countries/bz.gif
    .gif
  • Countries/ca.gif
    .gif
  • Countries/cf.gif
    .gif
  • Countries/cg.gif
    .gif
  • Countries/ch.gif
    .gif
  • Countries/ci.gif
    .gif
  • Countries/ck.gif
    .gif
  • Countries/cl.gif
    .gif
  • Countries/cm.gif
    .gif
  • Countries/cn.gif
    .gif
  • Countries/co.gif
    .gif
  • Countries/cr.gif
    .gif
  • Countries/cu.gif
    .gif
  • Countries/cv.gif
    .gif
  • Countries/cy.gif
    .gif
  • Countries/cz.gif
    .gif
  • Countries/de.gif
    .gif
  • Countries/dk.gif
    .gif
  • Countries/dz.gif
    .gif
  • Countries/ec.gif
    .gif
  • Countries/ee.gif
    .gif
  • Countries/eg.gif
    .gif
  • Countries/empty.gif
    .gif
  • Countries/er.gif
    .gif
  • Countries/es.gif
    .gif
  • Countries/et.gif
    .gif
  • Countries/eu.gif
    .gif
  • Countries/fi.gif
    .gif
  • Countries/fj.gif
    .gif
  • Countries/fo.gif
    .gif
  • Countries/fr.gif
    .gif
  • Countries/ga.gif
    .gif
  • Countries/gb.gif
    .gif
  • Countries/gd.gif
    .gif
  • Countries/ge.gif
    .gif
  • Countries/gf.gif
    .gif
  • Countries/gi.gif
    .gif
  • Countries/gl.gif
    .gif
  • Countries/gp.gif
    .gif
  • Countries/gr.gif
    .gif
  • Countries/gt.gif
    .gif
  • Countries/gu.gif
    .gif
  • Countries/gy.gif
    .gif
  • Countries/hk.gif
    .gif
  • Countries/hr.gif
    .gif
  • Countries/ht.gif
    .gif
  • Countries/hu.gif
    .gif
  • Countries/id.gif
    .gif
  • Countries/ie.gif
    .gif
  • Countries/il.gif
    .gif
  • Countries/in.gif
    .gif
  • Countries/iq.gif
    .gif
  • Countries/ir.gif
    .gif
  • Countries/is.gif
    .gif
  • Countries/it.gif
    .gif
  • Countries/jm.gif
    .gif
  • Countries/jo.gif
    .gif
  • Countries/jp.gif
    .gif
  • Countries/ke.gif
    .gif
  • Countries/kg.gif
    .gif
  • Countries/kh.gif
    .gif
  • Countries/ki.gif
    .gif
  • Countries/kp.gif
    .gif
  • Countries/kr.gif
    .gif
  • Countries/ky.gif
    .gif
  • Countries/kz.gif
    .gif
  • Countries/la.gif
    .gif
  • Countries/lb.gif
    .gif
  • Countries/lc.gif
    .gif
  • Countries/le.gif
    .gif
  • Countries/lk.gif
    .gif
  • Countries/lt.gif
    .gif
  • Countries/lu.gif
    .gif
  • Countries/lv.gif
    .gif
  • Countries/ly.gif
    .gif
  • Countries/ma.gif
    .gif
  • Countries/mc.gif
    .gif
  • Countries/md.gif
    .gif
  • Countries/mg.gif
    .gif
  • Countries/mn.gif
    .gif
  • Countries/mo.gif
    .gif
  • Countries/mp.gif
    .gif
  • Countries/mq.gif
    .gif
  • Countries/ms.gif
    .gif
  • Countries/mt.gif
    .gif
  • Countries/mx.gif
    .gif
  • Countries/my.gif
    .gif
  • Countries/mz.gif
    .gif
  • Countries/na.gif
    .gif
  • Countries/nc.gif
    .gif
  • Countries/nf.gif
    .gif
  • Countries/nl.gif
    .gif
  • Countries/no.gif
    .gif
  • Countries/np.gif
    .gif
  • Countries/nr.gif
    .gif
  • Countries/nz.gif
    .gif
  • Countries/om.gif
    .gif
  • Countries/pa.gif
    .gif
  • Countries/pe.gif
    .gif
  • Countries/pf.gif
    .gif
  • Countries/ph.gif
    .gif
  • Countries/pk.gif
    .gif
  • Countries/pl.gif
    .gif
  • Countries/pm.gif
    .gif
  • Countries/pr.gif
    .gif
  • Countries/pt.gif
    .gif
  • Countries/py.gif
    .gif
  • Countries/qa.gif
    .gif
  • Countries/re.gif
    .gif
  • Countries/ro.gif
    .gif
  • Countries/ru.gif
    .gif
  • Countries/rw.gif
    .gif
  • Countries/sa.gif
    .gif
  • Countries/sb.gif
    .gif
  • Countries/sd.gif
    .gif
  • Countries/se.gif
    .gif
  • Countries/sg.gif
    .gif
  • Countries/si.gif
    .gif
  • Countries/sk.gif
    .gif
  • Countries/sl.gif
    .gif
  • Countries/so.gif
    .gif
  • Countries/sy.gif
    .gif
  • Countries/sz.gif
    .gif
  • Countries/tc.gif
    .gif
  • Countries/tf.gif
    .gif
  • Countries/tg.gif
    .gif
  • Countries/th.gif
    .gif
  • Countries/tn.gif
    .gif
  • Countries/to.gif
    .gif
  • Countries/tp.gif
    .gif
  • Countries/tr.gif
    .gif
  • Countries/tt.gif
    .gif
  • Countries/tv.gif
    .gif
  • Countries/tw.gif
    .gif
  • Countries/tz.gif
    .gif
  • Countries/ua.gif
    .gif
  • Countries/ug.gif
    .gif
  • Countries/uk.gif
    .gif
  • Countries/us.gif
    .gif
  • Countries/uy.gif
    .gif
  • Countries/va.gif
    .gif
  • Countries/ve.gif
    .gif
  • Countries/vg.gif
    .gif
  • Countries/vi.gif
    .gif
  • Countries/vn.gif
    .gif
  • Countries/ws.gif
    .gif
  • Countries/ye.gif
    .gif
  • Countries/yu.gif
    .gif
  • Countries/za.gif
    .gif
  • Countries/zw.gif
    .gif
  • GeoIP.dat
  • HTTP_POST_EXAMPLES.zip
    .zip
  • ASP_receive.asp
    .vbs
  • HTML_upload_test.html
    .html
  • PHP_receive.php
  • PHP_upload_with_FTP.php
  • PHP_upload_without_ftp.php
  • IPCamera.ax
    .dll regsvr32 windows:5 windows x86 arch:x86

    661205d00595e7cad1a09f386c8a7c6c


    Headers

    Imports

    Exports

    Sections

  • IPCamera_license.rtf
    .rtf
  • IPCams.wml
  • LibAV/SDL.dll
    .dll windows:4 windows x86 arch:x86

    3cac573b810d2b09cc2fdfb3b0f3e2c9


    Headers

    Imports

    Exports

    Sections

  • LibAV/avcodec-52.dll
    .dll windows:4 windows x86 arch:x86

    d438f6e2a535b760032885c702e72594


    Headers

    Imports

    Exports

    Sections

  • LibAV/avdevice-52.dll
    .dll windows:4 windows x86 arch:x86

    e70feea6f4f0cdbbd138a25606529f20


    Headers

    Imports

    Exports

    Sections

  • LibAV/avfilter-0.dll
    .dll windows:4 windows x86 arch:x86

    71d55177aa2462d677f5875bb3aa472b


    Headers

    Imports

    Exports

    Sections

  • LibAV/avformat-52.dll
    .dll windows:4 windows x86 arch:x86

    5537e696609b0f9791aa64dda04a763a


    Headers

    Imports

    Exports

    Sections

  • LibAV/avutil-50.dll
    .dll windows:4 windows x86 arch:x86

    df27e1aacb5cc83ff2b00aae3eb39d5b


    Headers

    Imports

    Exports

    Sections

  • LibAV/myutil.dll
    .dll windows:4 windows x86 arch:x86

    7c8f8de83833d7fd016ec4c644169214


    Headers

    Imports

    Exports

    Sections

  • LibAV/swscale-0.dll
    .dll windows:4 windows x86 arch:x86

    14001af813db07f3ee7ac502894ffa12


    Headers

    Imports

    Exports

    Sections

  • OverlayXP.ax
    .dll regsvr32 windows:5 windows x86 arch:x86

    414e7cd8f732a708143c1b8ced55e3cb


    Headers

    Imports

    Exports

    Sections

  • RTSP/Moonware.FFMPEG.Extensions.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • RTSP/Moonware.FFMPEG.dll
    .dll windows:6 windows x86 arch:x86

    d7f754734c52fb4ee771ae27790dc599


    Headers

    Imports

    Sections

  • RTSP/Moonware.RTSP.Filter.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • RTSP/Moonware.RTSP.Filter.tlb
  • RTSP/avcodec-56.dll
    .dll windows:4 windows x86 arch:x86

    e99b48855b24e76cfb8f986145603142


    Headers

    Imports

    Exports

    Sections

  • RTSP/avdevice-56.dll
    .dll windows:4 windows x86 arch:x86

    a79311ad753fc422fb9d1bd85802db92


    Headers

    Imports

    Exports

    Sections

  • RTSP/avfilter-5.dll
    .dll windows:4 windows x86 arch:x86

    dc8368785b32881fb41696fdb54a41e7


    Headers

    Imports

    Exports

    Sections

  • RTSP/avformat-56.dll
    .dll windows:4 windows x86 arch:x86

    c4c202a8969d91141ffbcf09b1eaa831


    Headers

    Imports

    Exports

    Sections

  • RTSP/avutil-54.dll
    .dll windows:4 windows x86 arch:x86

    33e9de0a9e4da971e9970d780e2b8609


    Headers

    Imports

    Exports

    Sections

  • RTSP/ffmpeg.exe
    .exe windows:4 windows x86 arch:x86

    d057850bf52724304eeede5713ce3240


    Headers

    Imports

    Sections

  • RTSP/install.bat
  • RTSP/swresample-1.dll
    .dll windows:4 windows x86 arch:x86

    315c2ab7252660de4df96386ce1828fb


    Headers

    Imports

    Exports

    Sections

  • RTSP/swscale-3.dll
    .dll windows:4 windows x86 arch:x86

    c0e76f662f366fef068cdbac44f1f73e


    Headers

    Imports

    Exports

    Sections

  • RTSP/uninstall.bat
  • SendAlert.VBS
    .vbs
  • SubsObjects.dll
    .dll windows:4 windows x86 arch:x86

    d06809972e063852ae017b46de4b4b1c


    Headers

    Imports

    Exports

    Sections

  • WM9Profiles/NoAudio/Video for broadband PAL (320x240).prx
  • WM9Profiles/NoAudio/Video for broadband PAL (640x480).prx
  • WM9Profiles/NoAudio/Video for broadband PAL (800x600).prx
  • WM9Profiles/NoAudio/Video for broadband PAL HQ (320x240).prx
  • WM9Profiles/NoAudio/Video for broadband PAL HQ (640x480).prx
  • WM9Profiles/NoAudio/WMV9 (320x240).prx
  • WM9Profiles/NoAudio/WMV9 (640x480).prx
  • WM9Profiles/NoAudio/WMV9 (800x600).prx
  • WM9Profiles/Video for broadband PAL (320x240).prx
  • WM9Profiles/Video for broadband PAL (640x480).prx
  • WM9Profiles/WM8 Video for DSLCable Delivery (320x240).prx
  • WM9Profiles/WM8 Video for DSLCable Delivery HQ (320x240).prx
  • WM9Profiles/WM9 High (400x300).prx
  • WM9Profiles/WM9 Single (800x600).prx
  • WM9Profiles/WMV9 WMA9 (320x240).prx
  • WM9Profiles/WMV9 WMA9 (640x480).prx
  • WM9Profiles/WMV9 WMA9 (800x600).prx
  • WebFiles/Css_Styles/Thumbs.db
  • WebFiles/Css_Styles/background.gif
    .gif
  • WebFiles/Css_Styles/color.gif
    .gif
  • WebFiles/Css_Styles/default.css
  • WebFiles/Css_Styles/dragWindow.jpg
    .jpg
  • WebFiles/Css_Styles/gray.gif
    .gif
  • WebFiles/Css_Styles/milkbox/close.gif
    .gif
  • WebFiles/Css_Styles/milkbox/loading.gif
    .gif
  • WebFiles/Css_Styles/milkbox/milkbox.css
  • WebFiles/Css_Styles/milkbox/next.gif
    .gif
  • WebFiles/Css_Styles/milkbox/prev.gif
    .gif
  • WebFiles/Css_Styles/mobile.css
  • WebFiles/Css_Styles/stone_24.gif
    .gif
  • WebFiles/Css_Styles/title.jpg
    .jpg
  • WebFiles/Thumbs.db
  • WebFiles/flashFLV.swf
  • WebFiles/flashMJPEG.swf
  • WebFiles/im_ptz_down.gif
    .gif
  • WebFiles/im_ptz_left.gif
    .gif
  • WebFiles/im_ptz_minus.gif
    .gif
  • WebFiles/im_ptz_plus.gif
    .gif
  • WebFiles/im_ptz_right.gif
    .gif
  • WebFiles/im_ptz_up.gif
    .gif
  • WebFiles/js/milkbox.js
    .js
  • WebFiles/js/mootools-1.2-core.js
    .js
  • WebFiles/js/mootools-1.2-more.js
    .js
  • WebFiles/loading.jpg
    .jpg
  • WebFiles/menu/VBtn.jpg
    .jpg
  • WebFiles/menu/sBtn.jpg
    .jpg
  • WebFiles/menu/sBtnHover.jpg
    .jpg
  • WebFiles/menu/sLeft.jpg
    .jpg
  • WebFiles/menu/sLeftHover.jpg
    .jpg
  • WebFiles/menu/sRight.jpg
    .jpg
  • WebFiles/menu/sRightHover.jpg
    .jpg
  • WebFiles/menu/vBtnHover.jpg
    .jpg
  • WebFiles/menu/vLeft.jpg
    .jpg
  • WebFiles/menu/vLeftHover.jpg
    .jpg
  • WebFiles/menu/vRight.jpg
    .jpg
  • WebFiles/menu/vRightHover.jpg
    .jpg
  • WebFiles/menu/vRightHover_.jpg
    .jpg
  • WebFiles/offline.jpg
    .jpg
  • ijl20.dll
    .dll windows:5 windows x86 arch:x86

    ec4078474fc1e926dd8e83a98eca1e66


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • libeay32.dll
    .dll windows:4 windows x86 arch:x86

    9a8fb143a010f07506356c42d6154f05


    Headers

    Imports

    Exports

    Sections

  • libgfl290.dll
    .dll windows:4 windows x86 arch:x86

    c09d9d56c1112d01d7bf7a2fedad01f4


    Headers

    Imports

    Exports

    Sections

  • libgfle290.dll
    .dll windows:4 windows x86 arch:x86

    dbe8bbf9c98e6a58bc6c0466e2e8c350


    Headers

    Imports

    Exports

    Sections

  • license.rtf
    .rtf
  • readme.rtf
    .rtf
  • reg_IPCamera.bat
  • ssleay32.dll
    .dll windows:4 windows x86 arch:x86

    ec3469e6569d715ba5e5e1375e9767e9


    Headers

    Imports

    Exports

    Sections

  • unreg_IPCamera.bat
  • w7-uninst.exe.nsis
  • wCompressor.exe
    .exe windows:5 windows x86 arch:x86

    7c2617beaadf60a2c68774cd0d441686


    Code Sign

    Headers

    Imports

    Sections

  • webcam7.Service.exe
    .exe windows:5 windows x86 arch:x86

    baa93d47220682c04d92f7797d9224ce


    Code Sign

    Headers

    Imports

    Sections

  • webcam7.exe
    .exe windows:5 windows x86 arch:x86

    baa93d47220682c04d92f7797d9224ce


    Code Sign

    Headers

    Imports

    Sections