Submission Summary:

What's been foundSeverity Level
Registers a 32-bit in-process server DLL.
Registers a Browser Helper Object (Microsoft's Internet Explorer plugin module).

 

Technical Details:

NOTICE: The content shown in the above window is captured automatically and is not controlled or endorsed by ThreatExpert.
Please contact us on this link should any material be offensive or inappropriate and we will ensure any such content is blocked from future viewers of the report.

 

File System Modifications

#Filename(s)File SizeFile Hash
1 %DesktopDir%\VirtualCamera.lnk 724 bytes MD5: 0x3A068F3335AF7E0F1381FE36F1288361
SHA-1: 0x54010B4131C9895EF14B8A18264D14231A0D8E60
2 %Temp%\nsisos.dll 5,632 bytes MD5: 0x69806691D649EF1C8703FD9E29231D44
SHA-1: 0xE2193FCF5B4863605EEC2A5EB17BF84C7AC00166
3 %Programs%\MorningSound Home Page.lnk 762 bytes MD5: 0x504C006152A66EF30CE3B7823E5D5FF9
SHA-1: 0x43C9F5B0E2CC30B2A6CD7F24A144D585BC73F81C
4 %Programs%\Uninstall VirtualCamera.lnk 1,421 bytes MD5: 0xE0C8C5E596FD4F109E6189E26726DB63
SHA-1: 0xDB986DFEE7DD9531C5183BB65679072F3BDB9F1C
5 %Programs%\VirtualCamera Help.lnk 762 bytes MD5: 0xFD8FA7136378563F94E688EEC8F0CD29
SHA-1: 0x415EFA46715D692BF548E55CCC8EFB48FF4951E0
6 %Programs%\VirtualCamera.lnk 730 bytes MD5: 0xB671BACE0AFE109567263236A750F6E9
SHA-1: 0x0189451CC093D481BFDE81F153A34684CBD83EA7
7 %ProgramFiles%\VirtualCamera\driver\atl71.dll 89,088 bytes MD5: 0x8F2097E8B174F38178570C611464935F
SHA-1: 0x86476819229F4BF00F32E5F0969E19C5B61D1B2A
8 %ProgramFiles%\VirtualCamera\driver\vcsetup.exe 45,056 bytes MD5: 0xD6125785ED74EE4385A610902A6A1D7B
SHA-1: 0x4750E8DC502A9B7E709CEF21AA4658E8459AA725
9 %ProgramFiles%\VirtualCamera\driver\VirtualCam.inf 3,671 bytes MD5: 0xF4924F723FCE32DAD21BED10477A3245
SHA-1: 0x5BD1FEA39BE44790B17DC54744E6EE238042AD5E
10 %ProgramFiles%\VirtualCamera\driver\VirtualCam.sys 192,512 bytes MD5: 0xB6EF92C628D993C5F777807ED76A7568
SHA-1: 0xA88A135DEAFE3BF92976B2740C9405A1EF2D656B
11 %ProgramFiles%\VirtualCamera\FILE_ID.DIZ 300 bytes MD5: 0x78CC8BDDF1E6EB4ED17CBBA89A54EEE0
SHA-1: 0xBF2BE6AAE56B52F41B91E9676F674B00EEE67D88
12 %ProgramFiles%\VirtualCamera\Language\chs.ini 7,046 bytes MD5: 0xDDBAC2C2487064B5BF6347F311019B2F
SHA-1: 0xB11EEA707D4BADD24CA34735B44E0EE57D8D971B
13 %ProgramFiles%\VirtualCamera\Language\cht.ini 7,088 bytes MD5: 0xDE7E1854A69C786BF81E8FBF26009BD7
SHA-1: 0x20D59F341949462EDB87F1B897B87BFD9FCD4691
14 %ProgramFiles%\VirtualCamera\Language\enu.ini 8,584 bytes MD5: 0xEB50DDE94709E8BA41A98998365777F6
SHA-1: 0xFC37D41CAD78FE4717AAE9A9D19373EA0DE9B323
15 %ProgramFiles%\VirtualCamera\Language\esp.ini 9,961 bytes MD5: 0x2E052B8EB99632573B5B4AF791E4B351
SHA-1: 0x9BADEBEB6B028C7BC8F4008959EE7A5A22F1EE1E
16 %ProgramFiles%\VirtualCamera\Language\fin.ini 8,828 bytes MD5: 0x3FBCA6217BAB9AAB7B34A324E2AF9F24
SHA-1: 0x5BA2E3A1F0D07EDB0C07E5608F58FFA12771A649
17 %ProgramFiles%\VirtualCamera\Language\fra.ini 9,437 bytes MD5: 0x341B08A9C677E540D52733412A61F5C2
SHA-1: 0x049021F43F166E097A10C72C829E93B10C546F32
18 %ProgramFiles%\VirtualCamera\Language\ger.ini 9,219 bytes MD5: 0xEB50612DD5DDF3FDAAAE866DF089C8F1
SHA-1: 0xA4C55E4B3024ABD3F822945474A8B5D1B7FCD1E4
19 %ProgramFiles%\VirtualCamera\Language\hin.ini 10,558 bytes MD5: 0x839BEEB653992A818E825A11C114816B
SHA-1: 0x081E1AE5C1E24F51A3B5A5BCEEEDCD409DB964EB
20 %ProgramFiles%\VirtualCamera\Language\nld.ini 9,380 bytes MD5: 0x6B6305F508509485C87ABEB9AC569064
SHA-1: 0xDE75B39EF16A4E75A88AB6D30BCA60E0C1D781D6
21 %ProgramFiles%\VirtualCamera\Language\ptg.ini 9,325 bytes MD5: 0x51D5F2362F8F79230FF20D5E97F6E1A3
SHA-1: 0x9DBBDDE185F97D38D05AB1F85BDE7AE52F01BF47
22 %ProgramFiles%\VirtualCamera\Language\rom.ini 8,869 bytes MD5: 0x039652286A6596AD0010A8A5FE51FC3E
SHA-1: 0x136BE635A245835458D91CB8BCE9EE9AC366B8DF
23 %ProgramFiles%\VirtualCamera\Language\trk.ini 8,524 bytes MD5: 0x1F41A7FCEA7BC1208707B1E1A3612FC7
SHA-1: 0x25CCAA5AE74523B092AF78D3D3489CC85A9F4CA9
24 %ProgramFiles%\VirtualCamera\License.rtf 4,194 bytes MD5: 0x75ECDE48445B2365FDD1D2F89A8017A0
SHA-1: 0xB9DF945AC8443CA249DBFC89B6794AC20F36117B
25 %ProgramFiles%\VirtualCamera\logo.swf 36,457 bytes MD5: 0xA1D83DB56ED35697764B855413FD427A
SHA-1: 0xE5CFD0838B146CD11B11EC4EB7DF52EFF0A9F48F
26 %ProgramFiles%\VirtualCamera\readme.txt 8,793 bytes MD5: 0x4B76ABBB4A9F93B7C2C32FE83FDBEFBC
SHA-1: 0xC7F4D89E0047AECF1EE107B6AB0E55E2B9F38A73
27 %ProgramFiles%\VirtualCamera\RealMediaSplitter.ax 356,352 bytes MD5: 0x05B85D191C4331CD959A226574BED1F1
SHA-1: 0x756319C94650AC6AA975289C247479F4EF43AE9D
28 %ProgramFiles%\VirtualCamera\uninst.exe 113,469 bytes MD5: 0x2477D98DFDE40370C14CFAA66E8F5493
SHA-1: 0x2E59E01F36D089B9594AFFB5ED27F2CE49D7F43A
29 %ProgramFiles%\VirtualCamera\VCamera.exe 638,976 bytes MD5: 0x787AB498C0F13C804347663B2165D5E5
SHA-1: 0x30CBA80433C5568852F8F82C8C456E7D7467A66E
30 %ProgramFiles%\VirtualCamera\VirtualCamera.chm 514,170 bytes MD5: 0x0E9E83E80541EC4BA99B9DDB5FE332E1
SHA-1: 0x54DD9F9B6BFBEB03110C9E66DDD3817C66783DA9
31 %ProgramFiles%\VirtualCamera\VirtualCamera.url 54 bytes MD5: 0x240786721ED80D6821E896E735E0CDCB
SHA-1: 0xA480664F4DA9814311CDB212533EE327191CF7A2
32 %ProgramFiles%\VirtualCamera\VirtualCameraMenu.dll 86,016 bytes MD5: 0xC5258112ABDFF017DB37460B73F473CB
SHA-1: 0x70E58C14E207C58AAA6B28ABC8FC14D984291D05
33 [file and pathname of the sample #1] 1,439,353 bytes MD5: 0x9699AA21B3A34E82F5C498CDF1BE95DC
SHA-1: 0xAA84B1D07EE0753B1E3568E3B83855CBEB1EBFD1
34 %Windir%\vcamera.INI 0 bytes MD5: 0xD41D8CD98F00B204E9800998ECF8427E
SHA-1: 0xDA39A3EE5E6B4B0D3255BFEF95601890AFD80709

 

Memory Modifications

Process NameProcess FilenameMain Module Size
vcamera.exe%ProgramFiles%\virtualcamera\vcamera.exe655,360 bytes
[filename of the sample #1][file and pathname of the sample #1]200,704 bytes

 

Registry Modifications

 

Other details

China

 

 

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.

Copyright © 2014 ThreatExpert. All rights reserved.