85919da13e53cf00ce4350c1f29cca66b065e7bee35bdee2460d83637f9129a7

Sharing

Copy URL Twitter E-mail

General

Target

85919da13e53cf00ce4350c1f29cca66b065e7bee35bdee2460d83637f9129a7
Size

201KB
MD5

a19a90246f0399ab18c8a8b605991078
SHA1

d7303aa2dda5e30e74946dd5673b823637409db7
SHA256

85919da13e53cf00ce4350c1f29cca66b065e7bee35bdee2460d83637f9129a7
SHA512

181075025071fdc4e02082edf3c28d42cb0712d7e72f41fe4d5922c771420d42dd1088b26a53b11a9c70316b7aae9beac402161d80df6e99729f4aee2a2134a9
SSDEEP

6144:9IdKUcXjguThMdfFetYWIlcGNNFCD2qqOmqQiK:vNMddeXy1DFC7K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85919da13e53cf00ce4350c1f29cca66b065e7bee35bdee2460d83637f9129a7

Files

85919da13e53cf00ce4350c1f29cca66b065e7bee35bdee2460d83637f9129a7
.dll windows:5 windows x86 arch:x86

6c9c58090248f9b12ae4c9df749dec8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\cadcam\V15\LibraryTubeBeta-AdobeTech\ReportInformation\Release\ReportInformation.pdb

Imports

mfc100

ord869
ord1267
ord2061
ord7487
ord12095
ord12720
ord1483
ord2050
ord11781
ord1929
ord1948
ord408
ord2137
ord13135
ord2626
ord305
ord5242
ord1313
ord4283
ord316
ord265
ord266
ord2138
ord4499
ord4144
ord300
ord1448
ord901
ord1316
ord310
ord1294
ord1296

msvcr100

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__RTDynamicCast
_CxxThrowException
memset
memcpy
__clean_type_info_names_internal
?terminate@@YAXXZ
_onexit
_lock
strpbrk
sscanf
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
__dllonexit
_unlock
tolower
strncmp
strchr
isspace
isalnum
isalpha
_vsnprintf_s
ferror
fprintf
fopen_s
_isnan
atoi
strcpy_s
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
fclose
fflush
setvbuf
fsetpos
fgetpos
_fseeki64
memcpy_s
fgetc
ungetc
fwrite
fputc
_unlock_file
_lock_file
malloc
free
memchr
_purecall
sprintf_s
memmove
??0exception@std@@QAE@ABQBD@Z

kernel32

IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
GetLastError
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
EncodePointer
DecodePointer
InterlockedExchange
Sleep
GetCurrentProcessId
IsProcessorFeaturePresent
InterlockedCompareExchange

shlwapi

PathIsDirectoryA
PathFileExistsA

msvcp100

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
??1_Container_base12@std@@QAE@XZ
?_BADOFF@std@@3_JB
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
_Nan
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
??Bid@locale@std@@QAEIXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

tkernel

?IncrementRefCounter@Standard_Transient@@QBEXXZ
?Register@Standard_Type@@SAPAV1@PBD0IABV?$handle@VStandard_Type@@@opencascade@@@Z
?DecrementRefCounter@Standard_Transient@@QBEHXZ

gdiplus

GdiplusShutdown

ncemath

?D2GetDistance@math@@YANABVDPOINT2@1@0@Z

ncedata

??4CLayer@nce@@QAEAAV01@ABV01@@Z
??0CLayer@nce@@QAE@ABV01@@Z
??1CLayer@nce@@UAE@XZ
?GetParams@CLayer@nce@@QBE?BV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetLayerParamsByID@CZoneManager@nce@@QAE_NABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@AAV?$vector@VCLayer@nce@@V?$allocator@VCLayer@nce@@@std@@@std@@@Z
?GetFront@CCadGroup@nce@@QBEPBVCCadObject@2@XZ
?GetBack@CCadGroup@nce@@QBEPBVCCadObject@2@XZ
?GetTechnicsList@CCadObject@nce@@QBEPBV?$list@PAVCTechnics@nce@@V?$allocator@PAVCTechnics@nce@@@std@@@std@@XZ
?GetZoneAdobe@CZonePart@nce@@QAEPBVCZoneAdobe@2@XZ
?GetNestPartCount@CZoneBlock@nce@@QAEHXZ
?GetObjectsList@CCadGroup@nce@@QBEPBV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@XZ
?GetObjectsList@CCadGroup@nce@@QAEPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@XZ
?GetRelationPaths@CCadRelationGroup@nce@@QAEPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@XZ
?GetColor@CLayer@nce@@QBE?BKXZ

ncecommon

?GetCadLength@nce@@YANPBVCCadObject@1@@Z
?GetEndPoint@nce@@YA?AVDPOINT2@math@@PBVCCadObject@1@@Z
?GetCadPolylineArea@nce@@YANPBVCCadMultiSegments@1@@Z
?MetricToUiUnit@UnitSystem@@QAENNW4convert_type_t@@@Z
?GetUnitSystem@UnitSystem@@SAPAV1@XZ
?GetUnitType@UnitSystem@@QAE?AW4unit_len_t@@XZ
?GetStartPoint@nce@@YA?AVDPOINT2@math@@PBVCCadObject@1@@Z

drawer

?VcWidthHeightToWcWidthHeight@NceView@@YAXAAN0N@Z

propertydata

??0CVariant@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetValue@CPropertyNode@nce@@QAEXABVCVariant@@@Z
?SetDisplayName@CPropertyNode@nce@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CPropertyNode@nce@@QAE@XZ
?SetProperty@CPropertyNode@nce@@QAEXPAUProperty@2@@Z
?FindNode@CPropertyTree@nce@@QAEHIAAPAVCPropertyNode@2@@Z
?GetPropertyType@CPropertyGroupNode@nce@@UBE?AW4PropertyType@CPropertyNode@2@XZ
?Clone@CPropertyGroupNode@nce@@UBEPAVCPropertyNode@2@XZ
?Clone@CPropertyNode@nce@@UBEPAV12@XZ
?toString@CVariant@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?toBool@CVariant@@QBE_NXZ
?GetValue@CPropertyNode@nce@@QBE?AVCVariant@@XZ
?toDouble@CVariant@@QBENXZ
?GetDisplayName@CPropertyNode@nce@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetPropertyType@CPropertyNode@nce@@UBE?AW4PropertyType@12@XZ
?GetCustom@CPropertyNode@nce@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??1CPropertyNode@nce@@UAE@XZ
??1CPropertyGroupNode@nce@@UAE@XZ
?AddNode@CPropertyTree@nce@@QAEHABVCPropertyNode@2@@Z
??0CVariant@@QAE@PBD@Z
??0CVariant@@QAE@_N@Z
?SetCustom@CPropertyNode@nce@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CVariant@@QAE@N@Z
??1CVariant@@QAE@XZ
??0Property@nce@@QAE@VCVariant@@0_N1V?$vector@U?$pair@VCVariant@@V1@@std@@V?$allocator@U?$pair@VCVariant@@V1@@std@@@2@@std@@@Z
??0CPropertyNode@nce@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0VCVariant@@PAUProperty@1@@Z
?GetPropertyNodeList@CPropertyGroupNode@nce@@QAEPAV?$vector@PAVCPropertyNode@nce@@V?$allocator@PAVCPropertyNode@nce@@@std@@@std@@XZ
??0CPropertyTree@nce@@QAE@XZ
??1CPropertyTree@nce@@QAE@XZ
??0CPropertyGroupNode@nce@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

localizationadapter

?GetLang@ncels@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?LS@ncels@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@0@Z

tubefoundation

?GetTubeType@CTubeTypeHelper@nce@@SAHABVCNceZone@2@@Z
?IsClosedTube@CTubeAdobeProxy@nce@@QAE_NXZ
??0CTubeAdobeProxy@nce@@QAE@PBUAdobe@1@@Z
??1CTubeAdobeProxy@nce@@QAE@XZ
?GetTubePerimeter@CTubeAdobeProxy@nce@@QAEN_N@Z
?GetCommonTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN000_N@Z
?GetTSteelTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN00000_N@Z
?GetISteelTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN00000_N@Z
?GetChannelSteelParam@CTubeAdobeProxy@nce@@QAE_NAAN00000_N@Z
?GetAngleSteelParam@CTubeAdobeProxy@nce@@QAE_NAAN0000_N@Z
?GetWaistTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN000_N@Z
?GetOvalTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN000_N@Z
?GetRectTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN0000_N@Z
?GetCircleTubeParam@CTubeAdobeProxy@nce@@QAE_NAAN00_N@Z

Exports

Exports

DeletePropertyTree
GenerateReprotInfo
GetPropertyTree

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c9c58090248f9b12ae4c9df749dec8e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc100

msvcr100

kernel32

shlwapi

msvcp100

tkernel

gdiplus

ncemath

ncedata

ncecommon

drawer

propertydata

localizationadapter

tubefoundation

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 14KB