1f8e5e3f3f6322b7c8c22685392dd097d56e3ab3ab85d38c7bf3b51113d8ae3f

Sharing

Copy URL

Twitter E-mail

General

Target

1f8e5e3f3f6322b7c8c22685392dd097d56e3ab3ab85d38c7bf3b51113d8ae3f
Size

10.4MB
MD5

dd4395f13801d156c6e1c90ee46b184c
SHA1

15128cb2ff9fa16ca3b08e06a74061adb965d623
SHA256

1f8e5e3f3f6322b7c8c22685392dd097d56e3ab3ab85d38c7bf3b51113d8ae3f
SHA512

5defc4d76caea970c0061eb6fa0f64ea8701419b35e7fe841c17e41e9ea3cb4501f904190746d5303aee7e9c6c5140e78b9afb62a5c95b65e0ee339e62cf4e59
SSDEEP

196608:yuNDmWFZy9t7TbkYGKjB58R3psrkfvto/W99IOXdNS:NND/gNbkajB6Ltp99RdN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f8e5e3f3f6322b7c8c22685392dd097d56e3ab3ab85d38c7bf3b51113d8ae3f

Files

1f8e5e3f3f6322b7c8c22685392dd097d56e3ab3ab85d38c7bf3b51113d8ae3f
.dll windows:5 windows x86 arch:x86

71712c1b75e46ceab4c972d0c60922a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libufun

UF_DRF_free_dimension

libnxopencpp

?SetRasterImages@PrintPDFBuilder@NXOpen@@QAEX_N@Z

libugopenint

UF_UI_ask_open_part_filename

libnxopenuicpp

?AddUpdateHandler@BlockDialog@BlockStyler@NXOpen@@QAEXABV?$Callback1@HPAVUIBlock@BlockStyler@NXOpen@@@3@@Z

mfc100

ord880

msvcr100

_ultoa

kernel32

LeaveCriticalSection
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetParent
GetProcessWindowStation
GetUserObjectInformationW

gdi32

CloseFigure

advapi32

RegDeleteValueA

shell32

SHGetSpecialFolderLocation

comctl32

_TrackMouseEvent

shlwapi

PathCombineA

ole32

CoUninitialize

oleaut32

SysAllocString

wininet

InternetReadFile

ws2_32

socket

msvcp100

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

pskernel

PK_ENTITY_copy

uxtheme

IsAppThemed

libnxopencpp_annotations

?SetColor@CenterlineSettingsBuilder@Annotations@NXOpen@@QAEXPAVNXColor@3@@Z

libnxopencpp_cam

?MinMaterialThickness@MillCutParameters@CAM@NXOpen@@QAEPAVInheritableDoubleBuilder@23@XZ

libnxopencpp_drawings

?Shading@ViewStyle@Drawings@NXOpen@@QAEPAVShadingViewStyle@23@XZ

libnxopencpp_facet

?DeleteTemporaryFacesAndEdges@FacetedBodyCollection@Facet@NXOpen@@QAEXXZ

libnxopencpp_features

?SetTrimToFaceEdgesOption@AOCSBuilder@Features@NXOpen@@QAEX_N@Z

libnxopencpp_geometricanalysis

?CreateSimpleInterferenceObject@AnalysisManager@GeometricAnalysis@NXOpen@@QAEPAVSimpleInterference@23@XZ

libnxopencpp_geometricutilities

?SetReferenceOption@OrientXpressBuilder@GeometricUtilities@NXOpen@@QAEXW4Reference@123@@Z

libnxopencpp_preferences

?SetTriadVisibility@SessionVisualizationScreen@Preferences@NXOpen@@QAEXH@Z

setupapi

SetupDiDestroyDeviceInfoList

hid

HidD_GetAttributes

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoA

libxl32

xlCreateBookA

psapi

GetModuleBaseNameA

Exports

Exports

?NXSigningResource@@YAXXZ
?XcLoad@@YAXXZ
?XcUnload@@YAXXZ
udop
ufusr
ufusr_ask_unload

Sections

.text
Size: - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 841KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xc0
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xc1
Size: 10.1MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 317KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71712c1b75e46ceab4c972d0c60922a7

Headers

DLL Characteristics

File Characteristics

Imports

libufun

libnxopencpp

libugopenint

libnxopenuicpp

mfc100

msvcr100

kernel32

user32

gdi32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

ws2_32

msvcp100

pskernel

uxtheme

libnxopencpp_annotations

libnxopencpp_cam

libnxopencpp_drawings

libnxopencpp_facet

libnxopencpp_features

libnxopencpp_geometricanalysis

libnxopencpp_geometricutilities

libnxopencpp_preferences

setupapi

hid

iphlpapi

version

libxl32

psapi

Exports

Exports

Sections

.text Size: - Virtual size: 9.1MB

.rdata Size: - Virtual size: 1.7MB

.data Size: - Virtual size: 841KB

.xc0 Size: - Virtual size: 5.0MB

.xc1 Size: 10.1MB - Virtual size: 10.1MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 317KB - Virtual size: 2.8MB

.text
Size: - Virtual size: 9.1MB

.rdata
Size: - Virtual size: 1.7MB

.data
Size: - Virtual size: 841KB

.xc0
Size: - Virtual size: 5.0MB

.xc1
Size: 10.1MB - Virtual size: 10.1MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 317KB - Virtual size: 2.8MB