83816cf356817701e1fd83c69f45d981d6ebbbaee5f0212ebe7995ac3ef1c1a4

Sharing

Copy URL Twitter E-mail

General

Target

83816cf356817701e1fd83c69f45d981d6ebbbaee5f0212ebe7995ac3ef1c1a4
Size

73KB
MD5

c4056b63f0fb79136d9f7ee6df8a92c9
SHA1

c03b5d731bdcf07a7b2043e81c75b26ae6519e17
SHA256

83816cf356817701e1fd83c69f45d981d6ebbbaee5f0212ebe7995ac3ef1c1a4
SHA512

cbb4164cd7029a9858cd0b0308e68a97a1d2bd1c750decbbf3c04294f40f4fcdb2f6262e96d238add566dc0f811e30348942abef2f491b1fe0c103a83bd66134
SSDEEP

768:9hzqXgmMtfHR75kHdPjnZNfP1BounCGQ6vjIT/g2F9uXtIdsf0X0FmxkDYjHNL2Q:9RCgmKYVRoutTv23gtqNLbAGnTOCqLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83816cf356817701e1fd83c69f45d981d6ebbbaee5f0212ebe7995ac3ef1c1a4

Files

83816cf356817701e1fd83c69f45d981d6ebbbaee5f0212ebe7995ac3ef1c1a4
.dll windows:5 windows x86 arch:x86

02376caf351d68a4be9c6c793b712490

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\ChangSha_YF\Laser\Beta\Libs-Tube\LASERT~1\Release\LaserTubeTranslator.pdb

Imports

mfc100

ord1926
ord1297
ord323
ord1929
ord1867
ord1940
ord2087
ord2089
ord1948
ord408
ord3406
ord2040
ord1979
ord2079
ord2050
ord2052
ord322
ord2090
ord13518
ord906
ord1296
ord266
ord1963

msvcr100

_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
__clean_type_info_names_internal
?terminate@@YAXXZ
??2@YAPAXI@Z
__CxxFrameHandler3
memset
_cexit
__FrameUnwindFilter
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z

kernel32

InterlockedCompareExchange
LocalFree
EncodePointer
DecodePointer
InterlockedExchange
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep
LocalAlloc

tkernel

?Register@Standard_Type@@SAPAV1@PBD0IABV?$handle@VStandard_Type@@@opencascade@@@Z
?DecrementRefCounter@Standard_Transient@@QBEHXZ
?IncrementRefCounter@Standard_Transient@@QBEXXZ

tubetranslator

??0CTubeTranslator@tubecoor@@QAE@XZ
?GetLastWarning@CTubeTranslator@tubecoor@@UAEKXZ
?Pnt3DTo2D@CTubeTranslator@tubecoor@@MAE_NUPoint3D@2@HHAAUPoint2D@2@@Z
??1CTubeTranslator@tubecoor@@UAE@XZ
?Translate@CTubeTranslator@tubecoor@@UAEHPBUPoint2D@2@PAUPoint3D@2@@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBUPoint2D@2@PAUCamPoint@2@H@Z
?PntCamTo2D@CTubeTranslator@tubecoor@@MAE_NUCamPoint@2@AAUPoint2D@2@AAUPoint3D@2@@Z
?PntCamXYZBTo3D@CTubeTranslator@tubecoor@@MAE_NUCamPoint@2@AAUPoint3D@2@@Z
?PntCamXYBTo3D@CTubeTranslator@tubecoor@@MAE_NUCamPoint@2@AAUPoint3D@2@QAH2@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBUCamPoint@2@PAUPoint3D@2@@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBUCamPoint@2@PAUPoint2D@2@PAUPoint3D@2@@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBUPoint3D@2@PAUCamPoint@2@@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBUPoint3D@2@PAUPoint2D@2@@Z
?Init@CTubeTranslator@tubecoor@@UAEXPBUAdobe@nce@@_NUParam@12@@Z
?Polyline2DToCAM@CTubeTranslator@tubecoor@@MAE_NPBV?$CPolyline@UPoint2D@tubecoor@@@2@HPAV?$CPolyline@UCamPoint@tubecoor@@@2@@Z
?Polyline2DTo3D@CTubeTranslator@tubecoor@@MAE_NPBV?$CPolyline@UPoint2D@tubecoor@@@2@HPAV?$CPolyline@UPoint3D@tubecoor@@@2@@Z
?Pnt2DToCAM@CTubeTranslator@tubecoor@@MAE_NUPoint2D@2@HAAUCamPoint@2@@Z
??0Param@CTubeTranslator@tubecoor@@QAE@ABU012@@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBV?$CPolyline@UPoint2D@tubecoor@@@2@PAV?$CPolyline@UCamPoint@tubecoor@@@2@H@Z
?Pnt3DTo2D@CTubeTranslator@tubecoor@@MAE_NUPoint3D@2@HAAUPoint2D@2@@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBV?$CPolyline@UPoint2D@tubecoor@@@2@PAV?$CPolyline@UPoint3D@tubecoor@@@2@@Z
?GetOverArrisJiggle@CTubeTranslator@tubecoor@@UAENXZ
??0Param@CTubeTranslator@tubecoor@@QAE@XZ
??0CamPoint@tubecoor@@QAE@NNNNNN@Z
?Translate@CTubeTranslator@tubecoor@@UAEHPBV?$CPolyline@UPoint3D@tubecoor@@@2@PAV?$CPolyline@UPoint2D@tubecoor@@@2@@Z
?Pnt2DTo3D@CTubeTranslator@tubecoor@@MAE_NUPoint2D@2@AAHAAUPoint3D@2@PAHPAN@Z
??0Point2D@tubecoor@@QAE@NN@Z

msvcp100

?quiet_NaN@?$numeric_limits@N@std@@SANXZ

mscoree

_CorDllMain

Exports

Exports

Dispose
Init
Trans2DToRotate3D
TransRotate3DTo2D

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02376caf351d68a4be9c6c793b712490

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc100

msvcr100

kernel32

tkernel

tubetranslator

msvcp100

mscoree

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 1024B - Virtual size: 28KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 1024B - Virtual size: 28KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB