215cd9499a17ab8773c61c321e550d484e9c1428a8bb0312a3e16642f9039acc

Sharing

Copy URL Twitter E-mail

General

Target

215cd9499a17ab8773c61c321e550d484e9c1428a8bb0312a3e16642f9039acc
Size

5.3MB
MD5

ed431e39cb29c4ddc12b92b953fe1ece
SHA1

32782eb7d578636abcc679226f345a4c5148fdb0
SHA256

215cd9499a17ab8773c61c321e550d484e9c1428a8bb0312a3e16642f9039acc
SHA512

9c3ffae8d2eb90be26750b6caade9d4a174983ae10f822c2353246f14194a524b9a1d2f1c7187011812ab1e0cad3215b8c8ddc369a8b3c414ed5632599d3738d
SSDEEP

98304:FnX4JrbglNYH7GI9JZnzodzcAFBWbrCfxT6kwaN1JFYE202/:FnIqNYbGI9XQzcAkSR6kJzJDv0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
215cd9499a17ab8773c61c321e550d484e9c1428a8bb0312a3e16642f9039acc

Files

215cd9499a17ab8773c61c321e550d484e9c1428a8bb0312a3e16642f9039acc
.dll windows:6 windows x64

1adf9118dada02d0b6cdca9f76c68439

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libufun

UF_get_release

libnxopencpp

?AllowSelfIntersection@Section@NXOpen@@QEAAX_N@Z

libugopenint

UF_UI_set_sel_procs

libnxopenuicpp

?GetSelected@SetList@BlockStyler@NXOpen@@QEAA?AV?$vector@PEAVUIBlock@BlockStyler@NXOpen@@V?$allocator@PEAVUIBlock@BlockStyler@NXOpen@@@std@@@std@@XZ

mfc140

ord4551

kernel32

ConnectNamedPipe

user32

SetTimer

advapi32

RegEnumKeyExA

shell32

ShellExecuteA

shlwapi

PathIsDirectoryA

oleaut32

VariantClear

libnxopencpp_cam

?InitialEngage@NcmHoleMachining@CAM@NXOpen@@QEAAPEAVNcmHoleMachiningEngRet@23@XZ

libnxopencpp_features

?SetInheritDisplayProperties@ExtractFaceBuilder@Features@NXOpen@@QEAAX_N@Z

libnxopencpp_geometricutilities

?SetBodyType@FeatureOptions@GeometricUtilities@NXOpen@@QEAAXW4BodyStyle@123@@Z

msvcp140

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

libufun_cam

UF_CAM_opt_ask_types

libugopenint_cam

UF_UI_ONT_ask_selected_nodes

version

GetFileVersionInfoSizeA

pskernel

PK_EDGE_find_extreme

iphlpapi

GetAdaptersInfo
GetAdaptersInfo

vcruntime140

strchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-stdio-l1-1-0

fclose

api-ms-win-crt-string-l1-1-0

_wcsnicmp

api-ms-win-crt-math-l1-1-0

floor

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-time-l1-1-0

_mktime64

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-filesystem-l1-1-0

remove

ole32

CoInitializeEx

ws2_32

WSASend
WSAStartup

slm_runtime_windows_x64

ord1

Sections

.text
Size: - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mark
Size: - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1adf9118dada02d0b6cdca9f76c68439

Headers

DLL Characteristics

File Characteristics

Imports

libufun

libnxopencpp

libugopenint

libnxopenuicpp

mfc140

kernel32

user32

advapi32

shell32

shlwapi

oleaut32

libnxopencpp_cam

libnxopencpp_features

libnxopencpp_geometricutilities

msvcp140

libufun_cam

libugopenint_cam

version

pskernel

iphlpapi

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

ole32

ws2_32

slm_runtime_windows_x64

Sections

.text Size: - Virtual size: 6.8MB

.rdata Size: - Virtual size: 698KB

.data Size: - Virtual size: 190KB

.pdata Size: - Virtual size: 74KB

.mark Size: - Virtual size: 336B

.vdata Size: - Virtual size: 2KB

.text Size: - Virtual size: 2.2MB

.data Size: - Virtual size: 140KB

.text Size: 5.3MB - Virtual size: 5.3MB

.data Size: 5KB - Virtual size: 5KB

.reloc Size: 512B - Virtual size: 104B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 6.8MB

.rdata
Size: - Virtual size: 698KB

.data
Size: - Virtual size: 190KB

.pdata
Size: - Virtual size: 74KB

.mark
Size: - Virtual size: 336B

.vdata
Size: - Virtual size: 2KB

.text
Size: - Virtual size: 2.2MB

.data
Size: - Virtual size: 140KB

.text
Size: 5.3MB - Virtual size: 5.3MB

.data
Size: 5KB - Virtual size: 5KB

.reloc
Size: 512B - Virtual size: 104B

.rsrc
Size: 2KB - Virtual size: 1KB