46435c2a33a426e8bc58886ea39d41e2d7710927163523af42c2d391f89ae070

Sharing

Copy URL Twitter E-mail

General

Target

46435c2a33a426e8bc58886ea39d41e2d7710927163523af42c2d391f89ae070
Size

9.1MB
MD5

08b2ad009b6bf5ad976791e16ad9ce99
SHA1

cce74ac1cc87546e553cd6dcbb4a92ef96d28d54
SHA256

46435c2a33a426e8bc58886ea39d41e2d7710927163523af42c2d391f89ae070
SHA512

d21a04dfeb465c3a38a3e78427a63ebf8cc34124f59a01e7e8f087c5e404ade6e268faba394b96c18efb2a42aa729f8c89b1eaa37a165725bcecbc29fcedd3f5
SSDEEP

98304:nuxhoANT/KMW2V5++xxboRwlULRwlUP8WV723:YoHz2V5+oY8WV723

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46435c2a33a426e8bc58886ea39d41e2d7710927163523af42c2d391f89ae070

Files

46435c2a33a426e8bc58886ea39d41e2d7710927163523af42c2d391f89ae070
.exe windows:6 windows x64 arch:x64

ef8ffaa921ad74a92e8dc482ae3be008

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

cudnn64_7

cudnnSetStream
cudnnCreate
cudnnGetErrorString
cudnnGetConvolutionBackwardDataWorkspaceSize
cudnnGetConvolutionBackwardDataAlgorithm
cudnnGetConvolutionBackwardFilterWorkspaceSize
cudnnGetConvolutionBackwardFilterAlgorithm
cudnnGetConvolutionForwardWorkspaceSize
cudnnGetConvolutionForwardAlgorithm
cudnnSetConvolution2dDescriptor
cudnnDestroyFilterDescriptor
cudnnSetConvolutionMathType
cudnnCreateConvolutionDescriptor
cudnnSetFilter4dDescriptor
cudnnCreateFilterDescriptor
cudnnDestroyTensorDescriptor
cudnnSetTensor4dDescriptor
cudnnCreateTensorDescriptor
cudnnBatchNormalizationBackward
cudnnBatchNormalizationForwardTraining
cudnnConvolutionBackwardData
cudnnConvolutionBackwardFilter
cudnnSetConvolutionGroupCount
cudnnSetPooling2dDescriptor
cudnnDestroyPoolingDescriptor
cudnnCreatePoolingDescriptor
cudnnDestroyConvolutionDescriptor
cudnnConvolutionForward

opencv_world440

?create@Mat@cv@@QEAAXHPEBHH@Z
?deallocate@Mat@cv@@QEAAXXZ
?createTrackbar@cv@@YAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PEAHHP6AXHPEAX@Z2@Z
?setMouseCallback@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@P6AXHHHHPEAX@Z1@Z
?setWindowProperty@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HN@Z
?moveWindow@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
?resizeWindow@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
?imshow@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV_InputArray@1@@Z
?waitKey@cv@@YAHH@Z
?waitKeyEx@cv@@YAHH@Z
?destroyAllWindows@cv@@YAXXZ
?fastFree@cv@@YAXPEAX@Z
?fourcc@VideoWriter@cv@@SAHDDDD@Z
??0VideoWriter@cv@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HNV?$Size_@H@1@_N@Z
??0VideoCapture@cv@@QEAA@HH@Z
??0VideoCapture@cv@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?imread@cv@@YA?AVMat@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?getTextSize@cv@@YA?AV?$Size_@H@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HNHPEAH@Z
?putText@cv@@YAXAEBV_InputOutputArray@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$Point_@H@1@HNV?$Scalar_@N@1@HH_N@Z
?circle@cv@@YAXAEBV_InputOutputArray@1@V?$Point_@H@1@HAEBV?$Scalar_@N@1@HHH@Z
?rectangle@cv@@YAXAEBV_InputOutputArray@1@V?$Rect_@H@1@AEBV?$Scalar_@N@1@HHH@Z
?imencode@cv@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV_InputArray@1@AEAV?$vector@EV?$allocator@E@std@@@3@AEBV?$vector@HV?$allocator@H@std@@@3@@Z
?line@cv@@YAXAEBV_InputOutputArray@1@V?$Point_@H@1@1AEBV?$Scalar_@N@1@HHH@Z
?namedWindow@cv@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?rectangle@cv@@YAXAEBV_InputOutputArray@1@V?$Point_@H@1@1AEBV?$Scalar_@N@1@HHH@Z
?cvtColor@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@HH@Z
?resize@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@V?$Size_@H@1@NNH@Z
?GaussianBlur@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@V?$Size_@H@1@NNH@Z
?randn@cv@@YAXAEBV_InputOutputArray@1@AEBV_InputArray@1@1@Z
?flip@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@H@Z
?split@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@@Z
?merge@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@@Z
?mean@cv@@YA?AV?$Scalar_@N@1@AEBV_InputArray@1@0@Z
?addWeighted@cv@@YAXAEBV_InputArray@1@N0NNAEBV_OutputArray@1@H@Z
?add@cv@@YAXAEBV_InputArray@1@0AEBV_OutputArray@1@0H@Z
??Hcv@@YA?AVMatExpr@0@AEBVMat@0@0@Z
?updateContinuityFlag@Mat@cv@@QEAAXXZ
?copySize@Mat@cv@@QEAAXAEBV12@@Z
?setTo@Mat@cv@@QEAAAEAV12@AEBV_InputArray@2@0@Z
??4Mat@cv@@QEAAAEAV01@AEBV?$Scalar_@N@1@@Z
?convertTo@Mat@cv@@QEBAXAEBV_OutputArray@2@HNN@Z
?copyTo@Mat@cv@@QEBAXAEBV_OutputArray@2@@Z
??0Mat@cv@@QEAA@AEBV01@AEBV?$Rect_@H@1@@Z
?noArray@cv@@YAAEBV_InputOutputArray@1@XZ
?error@cv@@YAXHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD1H@Z

pthreadvc2

pthread_create
pthread_join
pthread_mutex_lock
pthread_mutex_unlock

wsock32

inet_ntoa
getpeername
getsockopt
htons
listen
recv
closesocket
send
setsockopt
shutdown
socket
WSAStartup
WSACleanup
WSAGetLastError
bind
connect
accept
select
__WSAFDIsSet

ws2_32

getaddrinfo
getnameinfo
WSASocketW
freeaddrinfo

curand64_10

curandCreateGenerator
curandSetPseudoRandomGeneratorSeed
curandGenerateUniform

cublas64_10

cublasCreate_v2
cublasSgemm_v2
cublasSetStream_v2

nvcuda

cuCtxGetCurrent

cudart64_102

cudaEventDestroy
cudaRuntimeGetVersion
cudaEventCreateWithFlags
cudaStreamWaitEvent
cudaStreamCreateWithFlags
cudaGetDevice
cudaSetDevice
cudaGetDeviceProperties
cudaGetDeviceCount
cudaGetErrorString
cudaGetLastError
cudaMemcpy
cudaMemGetInfo
cudaFree
cudaSetDeviceFlags
cudaGraphLaunch
cudaGraphInstantiate
cudaStreamEndCapture
cudaStreamBeginCapture
cudaStreamSynchronize
cudaMalloc
cudaHostAlloc
cudaFreeHost
cudaMemcpyAsync
cudaDeviceSynchronize
__cudaRegisterFunction
cudaDriverGetVersion
cudaPeekAtLastError
cudaLaunchKernel
__cudaPushCallConfiguration
__cudaPopCallConfiguration
__cudaRegisterFatBinary
__cudaRegisterFatBinaryEnd
__cudaUnregisterFatBinary
cudaEventRecord

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
QueryPerformanceFrequency
GetSystemTime
SystemTimeToFileTime
QueryPerformanceCounter

msvcp140

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?id@?$collate@D@std@@2V0locale@2@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Xbad_function_call@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Strxfrm
_Strcoll
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Thrd_id
_Thrd_hardware_concurrency
_Thrd_yield
_Thrd_sleep
_Thrd_join
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z

vcomp140

_vcomp_for_static_simple_init
_vcomp_fork
omp_get_max_threads
_vcomp_for_static_end

vcruntime140

memset
strstr
strchr
strrchr
memcmp
memcpy
memmove
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memchr
__C_specific_handler
__current_exception
__current_exception_context

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

ldexp
tanhf
sin
nan
fmaxf
round
__setusermatherr
expf
roundl
powf
logf
pow
atan
log2
fmin
fmax
log
_fdclass
cos
exp
frexp
fminf

api-ms-win-crt-runtime-l1-1-0

exit
_register_thread_local_exe_atexit_callback
_c_exit
__p___argc
system
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argv
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
perror
_invalid_parameter_noinfo_noreturn
_errno
terminate
_beginthreadex
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

setvbuf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
_fseeki64
fsetpos
fputc
fgetpos
fgetc
_get_stream_buffer_pointers
getc
ftell
fopen_s
_popen
_pclose
__stdio_common_vsscanf
__stdio_common_vfscanf
fwrite
fread
_set_fmode
fseek
fopen
fclose
fgets
__acrt_iob_func
__stdio_common_vfprintf
__p__commode
_read
_write
ungetc
getchar
fflush
feof

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
calloc
realloc
malloc
_callnewh

api-ms-win-crt-utility-l1-1-0

rand_s
rand
qsort
srand

api-ms-win-crt-convert-l1-1-0

strtol
atoi
strtoull
strtod
atof

api-ms-win-crt-time-l1-1-0

_localtime64
strftime
_time64
clock
_difftime64

api-ms-win-crt-string-l1-1-0

strncpy
strtok
_stricmp
tolower
strncmp

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_mkdir
_unlock_file

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef8ffaa921ad74a92e8dc482ae3be008

Headers

DLL Characteristics

File Characteristics

Imports

cudnn64_7

opencv_world440

pthreadvc2

wsock32

ws2_32

curand64_10

cublas64_10

nvcuda

cudart64_102

kernel32

msvcp140

vcomp140

vcruntime140

vcruntime140_1

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 68KB - Virtual size: 82KB

.pdata Size: 42KB - Virtual size: 41KB

.nv_fatb Size: 7.7MB - Virtual size: 7.7MB

.nvFatBi Size: 512B - Virtual size: 264B

_RDATA Size: 119KB - Virtual size: 119KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 804B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 68KB - Virtual size: 82KB

.pdata
Size: 42KB - Virtual size: 41KB

.nv_fatb
Size: 7.7MB - Virtual size: 7.7MB

.nvFatBi
Size: 512B - Virtual size: 264B

_RDATA
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 804B