367d10f77f760391c49a7875e249b55e0e3c3466810ed067f4a939625d59bacd

Sharing

Copy URL

Twitter E-mail

General

Target

367d10f77f760391c49a7875e249b55e0e3c3466810ed067f4a939625d59bacd
Size

1.2MB
MD5

a4e2ee53cab8673d01fdab1097bb6993
SHA1

edb1614e7529bcab1f72a29d02047b413dc0b277
SHA256

367d10f77f760391c49a7875e249b55e0e3c3466810ed067f4a939625d59bacd
SHA512

9e385a6c9d1efbd8081eb84e74b9300b343da7c986a37e1506e1db605ffb989e338e0ba2bdb7ad5c2240cb975b5d9e85ba9eac5fd65c907a3aae495ce1c543df
SSDEEP

24576:867nYqwN3Ftvp+aAoVTSDcpf+X6w9CxV+vjy8ne41:8e7+lIaAoBB+X69V+tnN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
367d10f77f760391c49a7875e249b55e0e3c3466810ed067f4a939625d59bacd

Files

367d10f77f760391c49a7875e249b55e0e3c3466810ed067f4a939625d59bacd
.exe windows:6 windows x64

a690c0ea45c30f28e238eb007dbae84e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDevice
D3D11CreateDeviceAndSwapChain

dxgi

CreateDXGIFactory1
CreateDXGIFactory

opencv_world480

??0KalmanFilter@cv@@QEAA@XZ
?setIdentity@cv@@YAXAEBV_InputOutputArray@1@AEBV?$Scalar_@N@1@@Z
??0KalmanFilter@cv@@QEAA@HHHH@Z
?seek@MatConstIterator@cv@@QEAAX_J_N@Z
?total@Mat@cv@@QEBA_KXZ
?empty@Mat@cv@@QEBA_NXZ
?release@Mat@cv@@QEAAXXZ
?zeros@Mat@cv@@SA?AVMatExpr@2@HHH@Z
?reshape@Mat@cv@@QEBA?AV12@HHPEBH@Z
?convertTo@Mat@cv@@QEBAXAEBV_OutputArray@2@HNN@Z
??4Mat@cv@@QEAAAEAV01@AEBV01@@Z
??0Mat@cv@@QEAA@HHH@Z
?cvtColor@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@HH@Z
?NMSBoxes@dnn4_v20230620@dnn@cv@@YAXAEBV?$vector@V?$Rect_@H@cv@@V?$allocator@V?$Rect_@H@cv@@@std@@@std@@AEBV?$vector@MV?$allocator@M@std@@@5@MMAEAV?$vector@HV?$allocator@H@std@@@5@MH@Z
?minMaxLoc@cv@@YAXAEBV_InputArray@1@PEAN1PEAV?$Point_@H@1@20@Z
?t@Mat@cv@@QEBA?AVMatExpr@2@XZ
??0Mat@cv@@QEAA@AEBV01@AEBVRange@1@1@Z
??0Mat@cv@@QEAA@HHHPEAX_K@Z
?noArray@cv@@YAAEBV_InputOutputArray@1@XZ
?rectangle@cv@@YAXAEBV_InputOutputArray@1@V?$Rect_@H@1@AEBV?$Scalar_@N@1@HHH@Z
?getWindowProperty@cv@@YANAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?imshow@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV_InputArray@1@@Z
?waitKey@cv@@YAHH@Z
?destroyWindow@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?blobFromImage@dnn4_v20230620@dnn@cv@@YA?AVMat@3@AEBV_InputArray@3@NAEBV?$Size_@H@3@AEBV?$Scalar_@N@3@_N3H@Z
??4Mat@cv@@QEAAAEAV01@$$QEAV01@@Z
??1Mat@cv@@QEAA@XZ
??0Mat@cv@@QEAA@XZ
?error@cv@@YAXHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD1H@Z
??0Mat@cv@@QEAA@AEBV01@AEBV?$Rect_@H@1@@Z
?seek@MatConstIterator@cv@@QEAAXPEBH_N@Z

msdk

M_Close
M_Open
M_MoveR

ntdll

RtlLookupFunctionEntry
RtlUnwind
RtlVirtualUnwind
RtlPcToFileHeader
VerSetConditionMask
RtlInitUnicodeString
NtDeviceIoControlFile
NtCreateFile
NtClose
RtlCaptureContext
RtlUnwindEx

onnxruntime

ord5
ord1

kernel32

GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
ExitProcess
ReadFile
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
CreateProcessW
DuplicateHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
GetDriveTypeA
GetLogicalDrives
GetCurrentThreadId
GetModuleHandleW
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateThread
GetLastError
SetEvent
WaitForSingleObject
CreateEventA
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetCurrentProcess
GetStdHandle
GetFileAttributesA
WriteFile
DecodePointer
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
GetDynamicTimeZoneInformation
MultiByteToWideChar
WideCharToMultiByte
GetConsoleMode
GetACP
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GlobalAlloc
FlushFileBuffers
GlobalLock
GlobalFree
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
GetModuleHandleA
GetStringTypeW
LCMapStringEx
EncodePointer
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SleepConditionVariableSRW
WakeAllConditionVariable
GetExitCodeThread
WaitForSingleObjectEx
GetFileInformationByHandleEx
CloseHandle
AreFileApisANSI
GetFullPathNameW
GetConsoleOutputCP
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetExitCodeProcess
CreatePipe
GlobalUnlock
IsValidCodePage
SetEndOfFile
WriteConsoleA
RaiseException
OutputDebugStringW
InitializeSListHead
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
LocalFree
FormatMessageA
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW

user32

SetFocus
TranslateMessage
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
LoadCursorW
SetWindowLongW
GetWindowLongW
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetClientRect
SetWindowTextW
ReleaseDC
GetDC
SetForegroundWindow
IsWindowUnicode
ReleaseCapture
SetCapture
GetCapture
GetKeyState
GetForegroundWindow
BringWindowToTop
IsIconic
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
IsChild
TrackMouseEvent
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SendInput
GetAsyncKeyState
MessageBoxA
DestroyWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcW
PeekMessageW
DispatchMessageW

gdi32

GetDeviceCaps

advapi32

RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExA
RegCloseKey
OpenProcessToken

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
ImmSetCandidateWindow

d3dcompiler_47

D3DCompile

Sections

.text
Size: 899KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a690c0ea45c30f28e238eb007dbae84e

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

dxgi

opencv_world480

msdk

ntdll

onnxruntime

kernel32

user32

gdi32

advapi32

imm32

d3dcompiler_47

Sections

.text Size: 899KB - Virtual size: 898KB

.rdata Size: 249KB - Virtual size: 249KB

.data Size: 15KB - Virtual size: 27KB

.pdata Size: 42KB - Virtual size: 41KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 899KB - Virtual size: 898KB

.rdata
Size: 249KB - Virtual size: 249KB

.data
Size: 15KB - Virtual size: 27KB

.pdata
Size: 42KB - Virtual size: 41KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB