173005306987bccb7007941262d8d6ce37c51b6b1116c72959bf3130f3914532

Sharing

Copy URL Twitter E-mail

General

Target

173005306987bccb7007941262d8d6ce37c51b6b1116c72959bf3130f3914532
Size

94KB
MD5

26ff4361a12db0aa0b8971e003497bbd
SHA1

cfa88bc56fed626e77cd72bd310495902c8c7900
SHA256

173005306987bccb7007941262d8d6ce37c51b6b1116c72959bf3130f3914532
SHA512

7c169c1132aa68ebc2fd3bc03bdb518956ea6920631bad3aaf7f4b9bdb63499fc1204692575813cfc25a32a63c8c6485b544896c0a200c96e1d82c541a418c8c
SSDEEP

768:/gwnrYyISO1snQFy38Mgfjj8ckOnerg3FBuzB/5JWSpSNqKJyX1PoxhI7lexx6ia:89sJ8MK8FnB/5cSp4GwOAM1FRqX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
173005306987bccb7007941262d8d6ce37c51b6b1116c72959bf3130f3914532

Files

173005306987bccb7007941262d8d6ce37c51b6b1116c72959bf3130f3914532
.dll windows:6 windows x64 arch:x64

530a37036924bd653f39c17a103217a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\jenkins\workspace\Git-NLEPlatformPro\Src\SymbolTable\Win\x64_Release\tp_Erase.pdb

Imports

ws_imageproc

ord14
ord10
ord11
ord13

opencv_core320

?deallocate@String@cv@@AEAAXXZ
?allocate@String@cv@@AEAAPEAD_K@Z
?deallocate@Mat@cv@@QEAAXXZ
??1ParallelLoopBody@cv@@UEAA@XZ
?parallel_for_@cv@@YAXAEBVRange@1@AEBVParallelLoopBody@1@N@Z
?error@cv@@YAXHAEBVString@1@PEBD1H@Z
?fastFree@cv@@YAXPEAX@Z

nlelogger

NLEGetDefaultLogger

msvcr120

_initterm_e
pow
__crtUnhandledException
__crtTerminateProcess
_initterm
__crtCapturePreviousContext
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
sqrt
_malloc_crt
free
_amsg_exit
__CppXcptFilter
_onexit
__C_specific_handler
__dllonexit
_calloc_crt
_unlock
_lock
_purecall
rand
wcsrchr
??_V@YAXPEAX@Z
??2@YAPEAX_K@Z
??_U@YAPEAX_K@Z
memmove
??3@YAXPEAX@Z
memset
memcpy
cos
__CxxFrameHandler3
_CxxThrowException
sin
__crt_debugger_hook
__clean_type_info_names_internal

msvcp120

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Syserror_map@std@@YAPEBDH@Z

kernel32

IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls

Exports

Exports

GetTransCount
GetTransInfo
GetTransType

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

530a37036924bd653f39c17a103217a6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws_imageproc

opencv_core320

nlelogger

msvcr120

msvcp120

kernel32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 25KB - Virtual size: 26KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 552B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 25KB - Virtual size: 26KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 552B