507418ce4587cd05d49a2766cc0c42ab54638974b20b3959bd583dc2bb864d69

Sharing

Copy URL Twitter E-mail

General

Target

507418ce4587cd05d49a2766cc0c42ab54638974b20b3959bd583dc2bb864d69
Size

39KB
MD5

9ac718dd29084a03f2042f50d5f6b5f4
SHA1

f4138a49cbc0d6bdf312119c610844fa4ce3d111
SHA256

507418ce4587cd05d49a2766cc0c42ab54638974b20b3959bd583dc2bb864d69
SHA512

78e2e4eecdd95b1f4394096ae677a46872882da78afaf571c39201843cd384fb50083904112641bc862d648cea143924daabd10ae6bb0fe8a9f1af883f825c3d
SSDEEP

768:tGB7MTMndS2+RFEPfg7gOngBsVkpYp0pJ2q/OEd0bh8OpW:twcMSGIEOgBgZOP2q/OD8Op

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
507418ce4587cd05d49a2766cc0c42ab54638974b20b3959bd583dc2bb864d69

Files

507418ce4587cd05d49a2766cc0c42ab54638974b20b3959bd583dc2bb864d69
.dll windows:5 windows x86 arch:x86

d00d7e27fd38daf35aa2e4d6ca8914ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VSWorkSpace_Tube\V15\LibraryTubeBeta-AdobeTech\Translators\PltToCad\Release\PltToCad.pdb

Imports

mfc100

ord300
ord2056
ord11274
ord13310
ord2061
ord2063
ord265
ord11297
ord13329
ord6010
ord5215
ord310
ord6093
ord5639
ord4934
ord4941
ord4938
ord14118
ord10915
ord3826
ord11907
ord12453
ord11290
ord13326
ord7613
ord13177
ord1493
ord4273
ord2538
ord4501
ord13348
ord11318
ord11319
ord868
ord1266
ord3839
ord1480
ord2611
ord1314
ord1313
ord1316
ord901
ord316
ord266
ord2050
ord408
ord1948
ord1294
ord1296

msvcr100

memcpy
_CIatan2
memset
_CItan
_CIsin
_CIcos
_CIsqrt
__CxxFrameHandler3
_CxxThrowException
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_onexit
_lock
__dllonexit
_unlock
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__clean_type_info_names_internal
?terminate@@YAXXZ
_stricmp
strchr
isalpha
isdigit
atoi
_purecall
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memcpy_s
atof

kernel32

IsProcessorFeaturePresent
DecodePointer
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
EncodePointer

msvcp100

_Nan
?_Xlength_error@std@@YAXPBD@Z

tkernel

?DecrementRefCounter@Standard_Transient@@QBEHXZ
?Register@Standard_Type@@SAPAV1@PBD0IABV?$handle@VStandard_Type@@@opencascade@@@Z
?IncrementRefCounter@Standard_Transient@@QBEXXZ

ncedata

??1CCadPolyline@nce@@UAE@XZ
??1CCadDot@nce@@UAE@XZ
?GetLength@CCadMultiSegments@nce@@UBENXZ
?GetSegment@CCadPolyline@nce@@UBE?AUSEGMENT@2@H@Z
?GetSegmentCount@CCadPolyline@nce@@UBEHXZ
?GetEndPoint@CCadPolyline@nce@@UBE?AVDPOINT2@math@@XZ
?IsNormalDir@CCadPolyline@nce@@UBE_NXZ
?ApplyTransform@CCadPolyline@nce@@UAE_NABVgp_Trsf2d@@ABVDPOINT2@math@@N@Z
?GetBoundRect@CCadPolyline@nce@@UBE?AUDRECT@math@@XZ
?ReverseDir@CCadPolyline@nce@@UAEXXZ
?IsClose@CCadMultiSegments@nce@@UBE_NXZ
?Clone@CCadPolyline@nce@@UBEPAVCCadObject@2@_N@Z
?GetType@CCadPolyline@nce@@UBE?AW4cad_t@2@XZ
?ApplyTransform@CCadDot@nce@@UAE_NABVgp_Trsf2d@@ABVDPOINT2@math@@N@Z
?ClearInnerObject@CCadObject@nce@@UAEXXZ
?SetInnerObject@CCadObject@nce@@UAEXPAV12@@Z
?GetInnerObject@CCadObject@nce@@UBEPBV12@XZ
?GetInnerObject@CCadObject@nce@@UAEPAV12@XZ
?SetMachining@CCadObject@nce@@UAEX_N@Z
?IsMachining@CCadObject@nce@@UBE_NXZ
?SetID@CCadObject@nce@@UAEXI@Z
?GetID@CCadObject@nce@@UBEIXZ
?GetBoundRect@CCadDot@nce@@UBE?AUDRECT@math@@XZ
?ReverseDir@CCadDot@nce@@UAEXXZ
?Fill@CCadObject@nce@@UAEX_N@Z
?IsFilled@CCadObject@nce@@UBE_NXZ
?IsClose@CCadObject@nce@@UBE_NXZ
?Clone@CCadDot@nce@@UBEPAVCCadObject@2@_N@Z
?GetType@CCadDot@nce@@UBE?AW4cad_t@2@XZ
?GetStartPoint@CCadPolyline@nce@@UBE?AVDPOINT2@math@@XZ
?IsSelected@CCadObject@nce@@UBE_NXZ
?Select@CCadObject@nce@@UAEX_N@Z
?SetParamString@CCadObject@nce@@QAEXPBD@Z
?GetParamIndex@CCadObject@nce@@UBEHXZ
?SetParamIndex@CCadObject@nce@@UAEXH@Z
??0CCadDot@nce@@QAE@_N@Z
?GetNodeCount@CCadPolyline@nce@@QBEHXZ
?AddArc@CCadPolyline@nce@@QAEXVDPOINT2@math@@N@Z
?AddLine@CCadPolyline@nce@@QAEXVDPOINT2@math@@@Z
?SetStartPoint@CCadPolyline@nce@@QAEXVDPOINT2@math@@@Z
??0CCadPolyline@nce@@QAE@_N@Z

Exports

Exports

??0CPltToCadTranslateParam@translators@@QAE@XZ
??0CPltToCadTranslator@translators@@QAE@ABV01@@Z
??0CPltToCadTranslator@translators@@QAE@XZ
??1CPltToCadTranslator@translators@@UAE@XZ
??4CPltToCadTranslateParam@translators@@QAEAAV01@ABV01@@Z
??4CPltToCadTranslator@translators@@QAEAAV01@ABV01@@Z
??_7CPltToCadTranslator@translators@@6B@
?GetLastError@CPltToCadTranslator@translators@@QBEABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?Initialize@CPltToCadTranslator@translators@@UAE_NPBVCPltToCadTranslateParam@2@@Z
?Translate@CPltToCadTranslator@translators@@UAE_NPBDPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@@Z
?Translate@CPltToCadTranslator@translators@@UAE_NPBDPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@P6AXHH@Z@Z
?Translate@CPltToCadTranslator@translators@@UAE_NPBDPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@PAN@Z
TranslatePltToCad

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d00d7e27fd38daf35aa2e4d6ca8914ab

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc100

msvcr100

kernel32

msvcp100

tkernel

ncedata

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB