4b86cc13fc8018477b623f8cec1b92228c431df6c8af119a9c852dcd9e6cd0b8

Sharing

Copy URL

Twitter E-mail

General

Target

4b86cc13fc8018477b623f8cec1b92228c431df6c8af119a9c852dcd9e6cd0b8
Size

328KB
MD5

70013752f7a9fb5f3f60ff56e0604407
SHA1

1fbcca56971efe84883d80f56ba8392edb5ce673
SHA256

4b86cc13fc8018477b623f8cec1b92228c431df6c8af119a9c852dcd9e6cd0b8
SHA512

f5f2b6689b84d629541d4d5ce9e1d8753510e7eeb240d6b540c2cb0db67db465b96535ccdf316f5dd98cad531b15ae0df921b9c92ce8545483cfeb647d7d8341
SSDEEP

3072:s5OXZ5fif7Fs7Z85YdPbPnHjp2qcOraq7R:8OJdwB+85oHjp2qcOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b86cc13fc8018477b623f8cec1b92228c431df6c8af119a9c852dcd9e6cd0b8

Files

4b86cc13fc8018477b623f8cec1b92228c431df6c8af119a9c852dcd9e6cd0b8
.dll windows:5 windows x86 arch:x86

341324265b8eacd933780c342132bcff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VSWorkSpace_Tube\V15\LibraryTubeBeta-AdobeTech\NewFile\Release\NewFile.pdb

Imports

mfc100

ord6217
ord8070
ord13294
ord10883
ord3395
ord11025
ord8235
ord13973
ord13972
ord14045
ord14062
ord14058
ord14060
ord14061
ord14059
ord7349
ord9286
ord2878
ord8351
ord2847
ord12644
ord11190
ord11188
ord1496
ord1503
ord1509
ord1507
ord1514
ord4373
ord4410
ord2881
ord6572
ord812
ord8076
ord4340
ord11940
ord7927
ord7491
ord8304
ord3390
ord10013
ord8139
ord10300
ord4381
ord10148
ord10879
ord10882
ord10880
ord10881
ord1227
ord9992
ord11150
ord6809
ord5837
ord4341
ord2184
ord796
ord5830
ord2752
ord2973
ord2974
ord3620
ord9475
ord10360
ord8305
ord2416
ord12531
ord5532
ord11067
ord1982
ord7357
ord4772
ord6888
ord6898
ord6897
ord4606
ord4774
ord4625
ord4881
ord8439
ord5095
ord4903
ord4622
ord266
ord4499
ord316
ord310
ord901
ord1313
ord1316
ord2611
ord3254
ord7933
ord11882
ord9994
ord4393
ord4389
ord4385
ord4415
ord4406
ord4377
ord4419
ord4398
ord4364
ord4368
ord4401
ord3991
ord5123
ord13980
ord3984
ord2661
ord13302
ord7074
ord13300
ord6128
ord10672
ord12482
ord5253
ord9571
ord6054
ord4283
ord3636
ord2417
ord12535
ord5534
ord5688
ord6573
ord822
ord2820
ord1639
ord11576
ord9501
ord1230
ord11151
ord2250
ord8348
ord2660
ord8320
ord6810
ord12962
ord3970
ord12285
ord13219
ord8554
ord4099
ord3354
ord895
ord10071
ord11154
ord6836
ord6601
ord2838
ord3755
ord1263
ord3439
ord8231
ord4345
ord11103
ord2846
ord2944
ord2945
ord3484
ord11060
ord2338
ord4785
ord10213
ord12868
ord2050
ord1929
ord1948
ord408
ord1294
ord1296

msvcr100

memcpy
_CxxThrowException
memset
__RTDynamicCast
__CxxFrameHandler3
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__clean_type_info_names_internal
atof
fclose
fprintf
fopen_s
strtod
_purecall
strncpy_s
memchr
_mkdir
strchr
_findclose
_findnext64i32
atoi
_findfirst64i32
memmove
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z

kernel32

InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer

user32

EnableWindow
GetParent
LoadImageA
PostMessageA
GetWindowRect
GetCursorPos
InvalidateRect
PtInRect
GetClientRect
GetWindowDC
SendMessageA

gdi32

CreateFontIndirectA
GetObjectA
DeleteObject

shlwapi

PathFileExistsA
PathIsDirectoryA

msvcp100

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
_Nan
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xfunc@tr1@std@@YAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

tkernel

?IncrementRefCounter@Standard_Transient@@QBEXXZ
?DecrementRefCounter@Standard_Transient@@QBEHXZ
?Register@Standard_Type@@SAPAV1@PBD0IABV?$handle@VStandard_Type@@@opencascade@@@Z

lua52

lua_settop
lua_gettop
lua_pcallk
lua_setglobal
lua_tonumberx
lua_pushstring
lua_isstring
lua_next
lua_pushnil
lua_setfield
lua_type
lua_pushnumber
lua_tolstring
luaL_setfuncs
lua_toboolean
lua_getglobal
lua_pushlightuserdata
lua_touserdata
lua_getfield
lua_setmetatable
lua_pushcclosure
luaL_newmetatable
lua_settable
lua_pushvalue
lua_isnumber

localizationadapter

?LS@ncels@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@0@Z

ncedata

?GetLength@Adobe@nce@@QBENXZ
?SetKey@CCadObject@nce@@QAEXPBD0@Z
?TransCadToString@nce@@YA_NPBVCCadObject@1@AAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?TranslateCadObject@nce@@YAXPAVCCadObject@1@ABVDPOINT2@math@@@Z
?GetObjectsList@CCadGroup@nce@@QBEPBV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@XZ
?SaveData@Adobe@nce@@QBEXAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z

nclib

?fixed_DDX_TextUnit@nclib@@YGXPAVCDataExchange@@HAANH@Z
?fixed_DDX_Text@nclib@@YGXPAVCDataExchange@@HAANH@Z

ncecommon

?GetLuaState@CLuaScriptEngine@nce@@QAEPAUlua_State@@XZ
?Leave@CLuaAccess@nce@@QAEXXZ
?GetLuaAccess@CLuaScriptEngine@nce@@QAEPAVCLuaAccess@2@XZ
?GetUnitSystem@UnitSystem@@SAPAV1@XZ
?GetDefaultPrecision@UnitSystem@@QAEHXZ
?Enter@CLuaAccess@nce@@QAE_NPBD@Z
?DoFile@CLuaScriptEngine@nce@@QAEHPBD@Z

svglib

??1CSvglib@translators@@UAE@XZ
?InitializeWrite@CSvglib@translators@@QAE_NPBVCSvgWrtieParam@2@@Z
?WriteSvg@CSvglib@translators@@QAE_NPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@AAPAXAAHPADPAN@Z
??0CSvglib@translators@@QAE@XZ

tubeparteditor

?CalculateAtions2Cads@TubePartEdit@@YAHPAUAdobe@nce@@ABV?$vector@V?$shared_ptr@VCTubePartAction@ActionData@@@tr1@std@@V?$allocator@V?$shared_ptr@VCTubePartAction@ActionData@@@tr1@std@@@3@@std@@AAPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@5@2UAdobeParam@ITubePartCalculate@1@@Z
?Clone@TruncateData@ActionData@@UAEPAUITubePartData@2@XZ
??0ITubePartData@ActionData@@QAE@ABU01@@Z
??0CTubePartAction@ActionData@@QAE@ABV?$shared_ptr@UITubePartData@ActionData@@@tr1@std@@W4action_type@1@@Z
??1TruncateData@ActionData@@UAE@XZ
??_7ITubePartData@ActionData@@6B@
??_7TruncateData@ActionData@@6B@
??1CTubePartAction@ActionData@@QAE@XZ

tubefoundation

?MakeWaistTube@CAdobeCreatehelper@@SAPAUAdobe@nce@@NNNN@Z
?MakeOvalTube@CAdobeCreatehelper@@SAPAUAdobe@nce@@NNNN@Z
?MakeCircleTube@CAdobeCreatehelper@@SAPAUAdobe@nce@@NNN@Z
?MakeRectTube@CAdobeCreatehelper@@SAPAUAdobe@nce@@NNNNN@Z
?MakeAngleSteelTube@CAdobeCreatehelper@@SAPAUAdobe@nce@@NNNNN@Z
?GetTruncationFromList@CTruncationHelper@nce@@SAXPBV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@PAPAVCCadObject@2@1@Z
?MakeChannelSteelTube@CAdobeCreatehelper@@SAPAUAdobe@nce@@NNNNNN@Z
??0CAfterTreateFromIgsCad@nce@@QAE@XZ
??1CAfterTreateFromIgsCad@nce@@QAE@XZ
?AfterTreateCad@CAfterTreateFromIgsCad@nce@@QAEXPAV?$list@PAVCCadObject@nce@@V?$allocator@PAVCCadObject@nce@@@std@@@std@@0PBUAdobe@2@_N@Z

Exports

Exports

??0CNewFile@NewFile@@QAE@XZ
??0CNewTubeSheet@@QAE@PBDIPAVCWnd@@I@Z
??1CNewFile@NewFile@@QAE@XZ
??1CNewTubeSheet@@UAE@XZ
??4CNewFile@NewFile@@QAEAAV01@ABV01@@Z
??_7CNewTubeSheet@@6B@
?BuildNewFile@CNewFile@NewFile@@QAE?AW4NewFileTP_E@2@ABUNewFileInfo@2@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?BuildNewFileWithDlg@CNewFile@NewFile@@QAE?AW4NewFileTP_E@2@ABUNewFileInfo@2@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CreateTube@CNewTubeSheet@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetMessageMap@CNewTubeSheet@@MBEPBUAFX_MSGMAP@@XZ
?GetRuntimeClass@CNewTubeSheet@@UBEPAUCRuntimeClass@@XZ
?GetThisClass@CNewTubeSheet@@SGPAUCRuntimeClass@@XZ
?GetThisMessageMap@CNewTubeSheet@@KGPBUAFX_MSGMAP@@XZ
?GetWizardBtn@CNewTubeSheet@@QAEHPAVCNewTubePage@@@Z
?InitSubDlgBtn@CNewTubeSheet@@QAEXPAVCNewTubePage@@@Z
?InitTubeSecParamDlg@CNewTubeSheet@@IAEXXZ
?InitTubeSideParamDlg@CNewTubeSheet@@QAEXXZ
?InitTubeTypeDlg@CNewTubeSheet@@IAE_NXZ
?Initialize@CNewTubeSheet@@QAE_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?InsertTubePart@CNewFile@NewFile@@QAE?AW4NewFileTP_E@2@ABUNewFileInfo@2@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@6@AAV56@@Z
?OnInitDialog@CNewTubeSheet@@MAEHXZ
?SetDescription@CNewTubeSheet@@AAEXPAVCNewTubePage@@@Z
?SetTitle@CNewTubeSheet@@AAEXPAVCNewTubePage@@@Z
?SetWizardBtn@CNewTubeSheet@@QAEXPAVCNewTubePage@@@Z
?SetWizardBtnText@CNewTubeSheet@@QAEXPAVCNewTubePage@@@Z
?_GetBaseClass@CNewTubeSheet@@KGPAUCRuntimeClass@@XZ
?classCNewTubeSheet@CNewTubeSheet@@2UCRuntimeClass@@B
luaOpen_CClass

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

341324265b8eacd933780c342132bcff

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc100

msvcr100

kernel32

user32

gdi32

shlwapi

msvcp100

tkernel

lua52

localizationadapter

ncedata

nclib

ncecommon

svglib

tubeparteditor

tubefoundation

Exports

Exports

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 186KB - Virtual size: 186KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 186KB - Virtual size: 186KB

.reloc
Size: 12KB - Virtual size: 11KB