82571571fc55665d1e5c4d54f61df07351c16343488a6c5e98e1cee0771c3607

Sharing

Copy URL Twitter E-mail

General

Target

82571571fc55665d1e5c4d54f61df07351c16343488a6c5e98e1cee0771c3607
Size

13.1MB
MD5

0e7daa904cda92befd9b5b488afc4628
SHA1

c01c17c64cb6957d997892b10884e3cc580f6f6f
SHA256

82571571fc55665d1e5c4d54f61df07351c16343488a6c5e98e1cee0771c3607
SHA512

3d338cbd9c0f4dee0cb966d0c5ea933e9e6a23f0ff2ce6a365fc60ba79bd2d032a12d2fd32df73830caaf86b665e93faa1255faf0a687da78d18cd60812ca48e
SSDEEP

196608:cnfXvZZUH1JDHDFxJoZI2B5KX64jbFLmhf4BplaQX5bHoBujMzXjdhW1n/g+64g4:O/TUH1J/FG/s5j4Z4nFxHo8mXjdiptt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82571571fc55665d1e5c4d54f61df07351c16343488a6c5e98e1cee0771c3607

Files

82571571fc55665d1e5c4d54f61df07351c16343488a6c5e98e1cee0771c3607
.dll windows:6 windows x64 arch:x64

331371bc053d40508b1f92b551aee343

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libufun

UF_CSYS_set_wcs

libnxopencpp

?CreateRuleFaceConnectedBlend@ScRuleFactory@NXOpen@@QEAAPEAVFaceConnectedBlendRule@2@PEAVFace@2@@Z

libugopenint

UF_VIEW_rotate_view

libnxopenuicpp

?Show@Dialog@UIStyler@NXOpen@@QEAA?AW4DialogResponse@23@XZ

mfc140

ord7749

kernel32

ReleaseSemaphore
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

IsIconic
GetProcessWindowStation
GetUserObjectInformationW

gdi32

CreateCompatibleBitmap

advapi32

RegOpenKeyExA

shell32

SHGetSpecialFolderLocation

comctl32

ImageList_AddMasked

shlwapi

PathCanonicalizeA

ole32

CoUninitialize

oleaut32

VariantClear

wininet

InternetOpenUrlA

ws2_32

WSAStartup

msvcp140

?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

pskernel

PK_TOPOL_find_box

libnxopencpp_annotations

?SetAngularTolerance@DimensionData@Annotations@NXOpen@@QEAAXPEAVAngularTolerance@23@@Z

libnxopencpp_cam

?FilletingRadius@CornerControlBuilder@CAM@NXOpen@@QEAAPEAVInheritableToolDepBuilder@23@XZ

libnxopencpp_display

?SetBackgroundWireframeViewsType@Background@Display@NXOpen@@QEAAXH@Z

libnxopencpp_drafting

?AnnotationStyle@PreferencesBuilder@Drafting@NXOpen@@QEAAPEAVStyleBuilder@Annotations@3@XZ

libnxopencpp_drawings

?CreateProjectedViewBuilder@DraftingViewCollection@Drawings@NXOpen@@QEAAPEAVProjectedViewBuilder@23@PEAVProjectedView@23@@Z

libnxopencpp_facet

?DeleteTemporaryFacesAndEdges@FacetedBodyCollection@Facet@NXOpen@@QEAAXXZ

libnxopencpp_features

?AllowSelfIntersectingSection@ExtrudeBuilder@Features@NXOpen@@QEAAX_N@Z

libnxopencpp_geometricanalysis

?PerformCheck@SimpleInterference@GeometricAnalysis@NXOpen@@QEAA?AW4Result@123@XZ

libnxopencpp_geometricutilities

?Value@Extend@GeometricUtilities@NXOpen@@QEAAPEAVExpression@3@XZ

libnxopencpp_preferences

?GetAngularTolerances@AnnotationPreferences@Preferences@NXOpen@@QEAAPEAVAngularTolerance@Annotations@3@XZ

libufun_cam

UF_CAM_is_session_initialized

libugopenint_cam

UF_UI_ONT_ask_view

hid

HidD_SetFeature

setupapi

SetupDiGetClassDevsA

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoA

libxl64

xlCreateBookA

psapi

EnumProcessModules

vcruntime140

__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

api-ms-win-crt-multibyte-l1-1-0

_mbstok

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-time-l1-1-0

_ftime64

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-filesystem-l1-1-0

remove

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

asin

Exports

Exports

?NXSigningResource@@YAXXZ
?XcLoad@@YAXXZ
?XcUnload@@YAXXZ
udop
ufusr
ufusr_ask_unload

Sections

.text
Size: - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xc0
Size: - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xc1
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 317KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

331371bc053d40508b1f92b551aee343

Headers

DLL Characteristics

File Characteristics

Imports

libufun

libnxopencpp

libugopenint

libnxopenuicpp

mfc140

kernel32

user32

gdi32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

ws2_32

msvcp140

pskernel

libnxopencpp_annotations

libnxopencpp_cam

libnxopencpp_display

libnxopencpp_drafting

libnxopencpp_drawings

libnxopencpp_facet

libnxopencpp_features

libnxopencpp_geometricanalysis

libnxopencpp_geometricutilities

libnxopencpp_preferences

libufun_cam

libugopenint_cam

hid

setupapi

iphlpapi

version

libxl64

psapi

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: - Virtual size: 8.8MB

.rdata Size: - Virtual size: 2.7MB

.data Size: - Virtual size: 298KB

.pdata Size: - Virtual size: 263KB

.xc0 Size: - Virtual size: 10.3MB

.xc1 Size: 12.8MB - Virtual size: 12.8MB

.reloc Size: 512B - Virtual size: 200B

.rsrc Size: 317KB - Virtual size: 2.8MB

.text
Size: - Virtual size: 8.8MB

.rdata
Size: - Virtual size: 2.7MB

.data
Size: - Virtual size: 298KB

.pdata
Size: - Virtual size: 263KB

.xc0
Size: - Virtual size: 10.3MB

.xc1
Size: 12.8MB - Virtual size: 12.8MB

.reloc
Size: 512B - Virtual size: 200B

.rsrc
Size: 317KB - Virtual size: 2.8MB