072ae35f7fa2aabd950460400487362200e7ecebf8b703413235b48717820779

Sharing

Copy URL Twitter E-mail

General

Target

072ae35f7fa2aabd950460400487362200e7ecebf8b703413235b48717820779
Size

24KB
MD5

7c1ef878ca99ef99149b02b9d2e83ee0
SHA1

4982538802e581918e799400af6465ae01b73901
SHA256

072ae35f7fa2aabd950460400487362200e7ecebf8b703413235b48717820779
SHA512

e54ae858954c7c379ad0dd842f7de7c78fc33eed954f1d125571b085dfc9da74ce7d7219bf583febed67ed4acfeda7385ccd2d8273dfbde88ccfd3de17736f81
SSDEEP

384:InT3M3EoCTWG1R/ri1FB1KWKZ6cPFfvG3xFckp4gJf5QNbXTfXHjQJ5Wvtnl2qHs:k3M31GTzSF7fckpTf0bXTfHEJq2qgOEb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
072ae35f7fa2aabd950460400487362200e7ecebf8b703413235b48717820779

Files

072ae35f7fa2aabd950460400487362200e7ecebf8b703413235b48717820779
.dll windows:5 windows x86 arch:x86

11f16a9892fb91edf7514bc33a03f56e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\101\V15\LibraryTubeBeta-AdobeTech\NcexConvert\Release\NcexConvert.pdb

Imports

mfc100

ord1948
ord1929
ord2050
ord266
ord408
ord1294
ord1296

msvcr100

_malloc_crt
free
_encoded_null
_onexit
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__clean_type_info_names_internal
memmove
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_purecall
__RTDynamicCast
memcpy
__CxxFrameHandler3
_CxxThrowException
_initterm

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
DecodePointer
GetCurrentThreadId
InterlockedExchange
Sleep
GetTickCount
QueryPerformanceCounter
EncodePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
_Nan
?_Xlength_error@std@@YAXPBD@Z

tkernel

?Register@Standard_Type@@SAPAV1@PBD0IABV?$handle@VStandard_Type@@@opencascade@@@Z
?IncrementRefCounter@Standard_Transient@@QBEXXZ
?DecrementRefCounter@Standard_Transient@@QBEHXZ

ncedata

?Fill@CCadGroup@nce@@UAEX_N@Z
?SetValid@CCadGroup@nce@@UAEX_N@Z
?ApplyTransform@CCadGroup@nce@@UAE_NABVgp_Trsf2d@@ABVDPOINT2@math@@N@Z
?ClearInnerObject@CCadObject@nce@@UAEXXZ
?GetInnerObject@CCadObject@nce@@UBEPBV12@XZ
?GetInnerObject@CCadObject@nce@@UAEPAV12@XZ
?Select@CCadGroup@nce@@UAEX_N@Z
?IsSelected@CCadGroup@nce@@UBE_NXZ
?SetMachining@CCadGroup@nce@@UAEX_N@Z
?IsMachining@CCadGroup@nce@@UBE_NXZ
??0CCadGroup@nce@@QAE@ABV01@_N@Z
??1CCadGroup@nce@@UAE@XZ
??0CCadGroup@nce@@QAE@_N@Z
?GetObjectsList@CCadGroup@nce@@QAEPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@XZ
?GetRelationPaths@CCadRelationGroup@nce@@QAEPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@XZ
?Clone@CCadGroup@nce@@UBEPAVCCadObject@2@_N@Z
?PickOffAll@CCadGroup@nce@@QAEXXZ
?SetInnerObject@CCadObject@nce@@UAEXPAV12@@Z
?GetType@CCadGroup@nce@@UBE?AW4cad_t@2@XZ
?IsClose@CCadObject@nce@@UBE_NXZ
?IsFilled@CCadGroup@nce@@UBE_NXZ
?SetParamIndex@CCadGroup@nce@@UAEXH@Z
?ReverseDir@CCadGroup@nce@@UAEXXZ
?GetBoundRect@CCadGroup@nce@@UBE?AUDRECT@math@@XZ
?GetID@CCadObject@nce@@UBEIXZ
?SetID@CCadObject@nce@@UAEXI@Z
?GetParamIndex@CCadGroup@nce@@UBEHXZ

ncefile

??_7CNceFile@nce@@6B@
??1CNceFile@nce@@UAE@XZ
??0CNceFile@nce@@QAE@XZ
?Initialize@CNceFile@nce@@QAE_NPAUCNceFileParam@2@@Z
?SaveCncFileFirst@CNceFile@nce@@QAEHPBD@Z

Exports

Exports

??0NcexConvert@nce@@QAE@ABV01@@Z
??0NcexConvert@nce@@QAE@XZ
??1NcexConvert@nce@@UAE@XZ
??4NcexConvert@nce@@QAEAAV01@ABV01@@Z
??_7NcexConvert@nce@@6B@
?ExportNcexEx@NcexConvert@nce@@QAEHXZ
?initalze@NcexConvert@nce@@QAEXAAUNcexConvertData@2@@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11f16a9892fb91edf7514bc33a03f56e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc100

msvcr100

kernel32

msvcp100

tkernel

ncedata

ncefile

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB