b6d23a70df8e66d449606e79875977741e44266732f2f75977765b971b210ab2

Sharing

Copy URL Twitter E-mail

General

Target

b6d23a70df8e66d449606e79875977741e44266732f2f75977765b971b210ab2
Size

147KB
MD5

b12b17340f1c0907fafb83ddf011537b
SHA1

efd79b9b65d29417413b2f7f2e188dcc63328e72
SHA256

b6d23a70df8e66d449606e79875977741e44266732f2f75977765b971b210ab2
SHA512

38bea4387f9e5a32b3312d2fa74b0e2b6d7e7d5433846baf2831c48c84147f7f9970757e9235cb1bcf76f22de7e882d9c75385200fe514a472ac392ee240be36
SSDEEP

3072:TMzUZT8eT4bTTTTT4TTTTWTTTTYTTTTtRSeD6lTTTTETTTTTTTTTTTTaTTTTTTT5:TzcmYeD6jqTWTCIVUOKYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6d23a70df8e66d449606e79875977741e44266732f2f75977765b971b210ab2

Files

b6d23a70df8e66d449606e79875977741e44266732f2f75977765b971b210ab2
.dll windows:6 windows x86 arch:x86

fd28feda95352f708d67bbf7441f6b0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

jetcam

gen_nc_hit
gen_nc_d_o_u
gen_nc_angle_str
gen_nc_n
gen_nc_eob
gen_nc_g
gen_nc_m
gen_nc_x_y
gen_nc_tool
te_update_tool
gen_nc_index
te_update_index
gen_nc_i_j
gen_nc_let
gen_nc_feedrate
gen_nc_hit_on
gen_nc_ni_on
gen_nc_laser_disable
gen_nc_ni_off
gen_nc_hit_off
cmsg
find_tool_p
check_laser_tool
gen_nc_path_collision
hz_make_all_forms_active
pp_wait_for_key
flush_nc_buffer
tool_to_turret_station
remove_zeros
remove_trailing_point
mt_need_high_station_number_logic
aaa_px1_set_la_off_comp_ok
pp_la_parms
pp_d_o_u
pp_n
pp_eob
pp_g
pp_m
pp_x_y
pp_tool
pp_index
pp_i_j
pp_let
pp_feedrate
pp_hit_on
pp_ni_on
pp_laser_enable
pp_laser_disable
pp_laser_on
pp_laser_off
pp_laser_lift_head
pp_ni_off
pp_hit_off
pp_movement
pp_movement_kind
pp_hit
pp_cut
pp_nibble_l
pp_nibble_c
pp_nibble_a
pp_grid
pp_bolt_hole_circle
pp_laser_line
pp_laser_arc
pp_laser_tech_table
pp_sheet_stop
pp_sheet_trap_door
pp_sheet_tab_break
pp_sheet_nc
pp_sheet_feedrate
pp_sheet_dwell
pp_sheet_move
pp_sheet_reposition
pp_main_questions
pp_main
pp_sub_call
pp_sub_begin
pp_sub_end
c_post_processor
c_mch_units
c_nc_buff
c_nc_x
c_nc_y
c_nc_comp_x
c_nc_comp_y
c_nc_tool
c_nc_multitool_flag
c_nc_tool_a
c_nc_g
c_nc_m
c_nc_ni_on
c_nc_slow_ni_on
c_repos_x
c_repos_y
c_nc_dummy_sub_call
c_nc_feedrate
c_nc_max_lines
c_nc_in_sub
c_te_tot_multitool
c_nc_laser_enable
c_nc_absolute
mt1
c_tool_stations
c_nc_block
c_turret
gen_nc_laser_enable
round_i
init_pp_variables
gen_nc_sims
gen_nc_output_all_subs
get_clamp_pos
pp_auto_processing_status
current_repos_x
c_curr_sheet
c_table_size_x
c_nc_use_program_number
c_program_number
c_line_number_inc
c_clamps
c_initial_feedrate
c_nc_rewind_flag
c_nc_nes_name

vcruntime140

memset
strchr
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
terminate

kernel32

SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
UnhandledExceptionFilter

Exports

Exports

post_dll_set_pp_vars

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd28feda95352f708d67bbf7441f6b0d

Headers

File Characteristics

Imports

jetcam

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 924B

.gfids Size: 512B - Virtual size: 28B

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 924B

.gfids
Size: 512B - Virtual size: 28B

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 2KB - Virtual size: 2KB