a45e820e7329c81e1d32c262b243ab0645b964dd3f0076d54fa9004338998443

Sharing

Copy URL Twitter E-mail

General

Target

a45e820e7329c81e1d32c262b243ab0645b964dd3f0076d54fa9004338998443
Size

5.1MB
MD5

05a1c8011336f0061312713625f46444
SHA1

07f1e109c2cc41ae28ae922f48b0c70415ff6ae5
SHA256

a45e820e7329c81e1d32c262b243ab0645b964dd3f0076d54fa9004338998443
SHA512

02c3794df051086544f6d3bf745b22c54ffe394161ca00f91bded8d97a42899c0a2175ce3554b344b36a257dfb2ded65a72f85b8f2627fc93aa69e2df8f95b7b
SSDEEP

98304:VEUb9MsEK40cgvaTUEa68ffXcjG6MoRoLOySJaJ/qvwFcmNzZMti54OrYvxaH6AB:OURNEK4GZHIG6zeO5aJ/wnm/MtiDrYap

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a45e820e7329c81e1d32c262b243ab0645b964dd3f0076d54fa9004338998443

Files

a45e820e7329c81e1d32c262b243ab0645b964dd3f0076d54fa9004338998443
.dll windows:5 windows x86 arch:x86

7fb971e9e790b137182d14615fed5af0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\cadcam\cadcam\V15\Tools\Signature\Release\PropertyUI.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

msvcp100

?_BADOFF@std@@3_JB

msvcr100

exit

nesttargetscommon

??1XMLDocument@tinyxml2@@UAE@XZ

Exports

Exports

GetSuperDogCheckAdvanced
GetSuperDogCheckPolicy

Sections

.AKS1
Size: 2.5MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 2.7MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7fb971e9e790b137182d14615fed5af0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

msvcp100

msvcr100

nesttargetscommon

Exports

Exports

Sections

.AKS1 Size: 2.5MB - Virtual size: 3.2MB

.AKS2 Size: 2.7MB - Virtual size: 3.5MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.AKS1
Size: 2.5MB - Virtual size: 3.2MB

.AKS2
Size: 2.7MB - Virtual size: 3.5MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB