a074cf49a6efeeb80c0da7110b555ec973c7c95bfbd55e0cdd523d6abc16c9c0

Sharing

Copy URL Twitter E-mail

General

Target

a074cf49a6efeeb80c0da7110b555ec973c7c95bfbd55e0cdd523d6abc16c9c0
Size

3.1MB
MD5

330fb689f09d85bb228e1c411bd9ebdf
SHA1

aef164842ed291b62b7cd1f24450aef0358a1f7a
SHA256

a074cf49a6efeeb80c0da7110b555ec973c7c95bfbd55e0cdd523d6abc16c9c0
SHA512

0fc0abf987a5ed2a2a106557f8dbbcedeee96cd93eeb352d9c0b50a003720de89c4656ea3ed6588f50b42b2a74330dd494ba8ca046bf73d9705007bd9c2a52b8
SSDEEP

49152:Kq/mtEDDk9jy07yaFacC3tpW3wkLq7Ut3TB:lkQMAkLGW3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a074cf49a6efeeb80c0da7110b555ec973c7c95bfbd55e0cdd523d6abc16c9c0

Files

a074cf49a6efeeb80c0da7110b555ec973c7c95bfbd55e0cdd523d6abc16c9c0
.exe windows:6 windows x64 arch:x64

e932abeea642d3a3455294a8c9666a21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\Code\Code_CadScienceTmp\IP3D\dev\CadScience\TestCadSci\Debug\TestCadSci.pdb

Imports

hologic.logging.core

LogError
LogInfo

cudart64_65

cudaDeviceSynchronize
cudaGetLastError
cudaGetErrorString
cudaGetDevice
cudaFree
cudaMalloc
cudaThreadGetCacheConfig
cudaThreadSetCacheConfig
cudaMemGetInfo
cudaSetDevice
__cudaRegisterTexture
cudaUnbindTexture
cudaBindTextureToArray
cudaBindTexture
cudaGetChannelDesc
cudaMemcpyToArray
cudaMallocArray
__cudaRegisterFunction
__cudaRegisterVar
__cudaUnregisterFatBinary
__cudaRegisterFatBinary
cudaDestroyTextureObject
cudaCreateTextureObject
cudaCreateChannelDesc
cudaMemset2D
cudaMemset
cudaMemcpyToSymbol
cudaMemcpy2D
cudaMemcpy
cudaMallocPitch
cudaLaunch
cudaSetupArgument
cudaConfigureCall
cudaGetDeviceProperties

igitt

GITTCtxFromMemory
GITTCtxDestroy
GITTCtxRead
GITTCtxObjects
GITTCtxDimensionX
GITTCtxDimensionY
GITTCtxPixelSpacing
GITTCtxPrimaryAngle

cadscience

RunCadSci

kernel32

UnmapViewOfFile
MapViewOfFile
GetOverlappedResult
CreateFileA
SetEnvironmentVariableA
SetEndOfFile
CreateFileW
ReadConsoleW
SetStdHandle
VirtualQuery
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetProcessHeap
HeapAlloc
HeapQueryInformation
LoadLibraryW
HeapFree
OutputDebugStringA
CreateThread
WaitForSingleObjectEx
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCurrentThreadId
GetCurrentThread
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
FreeLibrary
SetConsoleCtrlHandler
WriteFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileAttributesA
HeapReAlloc
CloseHandle
GetModuleFileNameA
GetModuleHandleA
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleFileNameW
HeapSize
HeapValidate
GetSystemInfo
GetStdHandle
GetFileType
WriteConsoleW
GetCommandLineA
FatalAppExitA
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
CreateSemaphoreW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e932abeea642d3a3455294a8c9666a21

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hologic.logging.core

cudart64_65

igitt

cadscience

kernel32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 416KB - Virtual size: 415KB

.data Size: 13KB - Virtual size: 30KB

.pdata Size: 85KB - Virtual size: 84KB

.nv_fatb Size: 1.1MB - Virtual size: 1.1MB

.nvFatBi Size: 512B - Virtual size: 48B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 416KB - Virtual size: 415KB

.data
Size: 13KB - Virtual size: 30KB

.pdata
Size: 85KB - Virtual size: 84KB

.nv_fatb
Size: 1.1MB - Virtual size: 1.1MB

.nvFatBi
Size: 512B - Virtual size: 48B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 7KB - Virtual size: 7KB