f7db7157647603fc747c8218c10420517463338efe320c6b7be83433a59b8f63

Sharing

Copy URL Twitter E-mail

General

Target

f7db7157647603fc747c8218c10420517463338efe320c6b7be83433a59b8f63
Size

143KB
MD5

7b8d0171643653c47d5d6677eea594b4
SHA1

40122d29eddf899f05581724e8fa540ed127b531
SHA256

f7db7157647603fc747c8218c10420517463338efe320c6b7be83433a59b8f63
SHA512

e52f67b16502c66e86b14c6c2a91283f02b0d59a602fd868c8f6ad03405091b38808079f65f2a99930634c3688a5d6809676090cec41887ebb0a17668029d737
SSDEEP

3072:Xzx/3Dy8bO7hMVGlKPgbY+CJyUKLXOLwbMPMZdpIkW:Dtzy8a7hNGTyUGOcbMG3IkW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7db7157647603fc747c8218c10420517463338efe320c6b7be83433a59b8f63

Files

f7db7157647603fc747c8218c10420517463338efe320c6b7be83433a59b8f63
.dll windows:5 windows x86 arch:x86

269c0c5aa04482f9ede8705400dfa1fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

opencv_core249

?getGpuMat@_InputArray@cv@@UBE?AVGpuMat@gpu@2@XZ
?getGlTexture@_InputArray@cv@@UBE?AVGlTexture@2@XZ
?_interlockedExchangeAdd@cv@@YAHPAHH@Z
?getGlBuffer@_InputArray@cv@@UBE?AVGlBuffer@2@XZ
?kind@_InputArray@cv@@UBEHXZ
?getMat@_InputArray@cv@@UBE?AVMat@2@H@Z
??0_InputArray@cv@@QAE@ABVMat@1@@Z
?inRange@cv@@YAXABV_InputArray@1@00ABV_OutputArray@1@@Z
??0Mat@cv@@QAE@ABV01@ABV?$Rect_@H@1@@Z
?copyTo@Mat@cv@@QBEXABV_OutputArray@2@ABV_InputArray@2@@Z
?deallocate@Mat@cv@@QAEXXZ
?size@_InputArray@cv@@UBE?AV?$Size_@H@2@H@Z
?copySize@Mat@cv@@QAEXABV12@@Z
?getMatVector@_InputArray@cv@@UBEXAAV?$vector@VMat@cv@@V?$allocator@VMat@cv@@@std@@@std@@@Z
?total@_InputArray@cv@@UBEIH@Z
?type@_InputArray@cv@@UBEHH@Z
?depth@_InputArray@cv@@UBEHH@Z
?channels@_InputArray@cv@@UBEHH@Z
?empty@_InputArray@cv@@UBE_NXZ
?fastFree@cv@@YAXPAX@Z
?bitwise_not@cv@@YAXABV_InputArray@1@ABV_OutputArray@1@0@Z
??0_OutputArray@cv@@QAE@ABVMat@1@@Z
??0_OutputArray@cv@@QAE@AAVMat@1@@Z
?noArray@cv@@YAABV_OutputArray@1@XZ

opencv_highgui249

?imread@cv@@YA?AVMat@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?imwrite@cv@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV_InputArray@1@ABV?$vector@HV?$allocator@H@std@@@3@@Z

opencv_imgproc249

?resize@cv@@YAXABV_InputArray@1@ABV_OutputArray@1@V?$Size_@H@1@NNH@Z

kernel32

TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
VirtualQuery
IsProcessorFeaturePresent
GetModuleHandleA
IsDebuggerPresent
GetModuleFileNameA
QueryPerformanceCounter
InitializeSListHead

gdi32

DeleteDC
GetTextExtentPoint32W
SetTextColor
CreateFontIndirectA
SetBkColor
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
TextOutW

msvcp140

??0_Locinfo@std@@QAE@HPBD@Z
?_Xruntime_error@std@@YAXPBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@_N@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?global@locale@std@@SA?AV12@ABV12@@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
??1_Locinfo@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

vcruntime140

memmove
__std_terminate
strrchr
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
_except_handler4_common
__std_type_info_destroy_list
__CxxFrameHandler3
memcpy

api-ms-win-crt-convert-l1-1-0

_wtoi
wcstombs

api-ms-win-crt-string-l1-1-0

wcsncpy_s
wcstok_s
wcscpy_s
strcpy_s

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_cexit
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

Exports

Exports

GetTemplateImage

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

269c0c5aa04482f9ede8705400dfa1fd

Headers

DLL Characteristics

File Characteristics

Imports

opencv_core249

opencv_highgui249

opencv_imgproc249

kernel32

gdi32

msvcp140

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 68B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 68B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 108KB