c5598662b750d075f19dadd65e66773c3f75e21cf7fe3cca6655418e57ca64de

Sharing

Copy URL Twitter E-mail

General

Target

c5598662b750d075f19dadd65e66773c3f75e21cf7fe3cca6655418e57ca64de
Size

1.1MB
MD5

ea363c621ef17d514aee6e995f27c576
SHA1

e7059e192f2989d2d2cba7f6d19f16936869cd72
SHA256

c5598662b750d075f19dadd65e66773c3f75e21cf7fe3cca6655418e57ca64de
SHA512

87cfe4e54468f5849386bc03cd703ff0e1695d6e264cf6ef1a6c4ae708acc4f5eb9c0acad1566ed6a2acf1850115a5bbb07490b49817fef18151a548192dcb12
SSDEEP

12288:SFZLxICyjaRZIi/C3GLoGjzXsLGkFR8tzy2GO/5k/nuLNBW/AbGX5QZ4dsW5Exzo:QICGMZIi/sG9K1kGe5b8/m6QZUk69

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5598662b750d075f19dadd65e66773c3f75e21cf7fe3cca6655418e57ca64de

Files

c5598662b750d075f19dadd65e66773c3f75e21cf7fe3cca6655418e57ca64de
.dll windows:5 windows x86 arch:x86

361928e3dd5197cf245aa07d7715ef07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\IPU\cvxp\ImgProc_XP_OpenCV_201110\bin\ImgProc.pdb

Imports

visioncpp

ord145
ord7447
ord7553
ord7617
ord7667
ord5924
ord5412
ord7550
ord7629
ord6165
ord7563
ord437
ord6472
ord7485
ord7517
ord5361
ord2034
ord5961
ord7525
ord6529
ord7668
ord5078
ord1008
ord6593
ord5145
ord6311
ord6693
ord6527
ord7248
ord3422
ord5284
ord6673
ord6675
ord6028
ord7277
ord7292
ord6804
ord6415
ord438
ord7302
ord5965
ord7295
ord7792
ord5487
ord5590
ord6059
ord7793
ord662
ord4989
ord4962
ord343
ord7118
ord6067
ord6006
ord6826
ord5476
ord5319
ord6602
ord6656
ord5889
ord6166
ord7296
ord6060
ord7206
ord1007
ord5835
ord7293
ord6802
ord5735
ord6669
ord5859
ord146
ord6960
ord4244
ord5640
ord6986
ord7317
ord5585
ord7548
ord6461
ord6456
ord7556
ord5882
ord6451
ord7396
ord7162
ord7273
ord6305
ord6306
ord5749
ord6621
ord7549
ord7508
ord6120
ord6462
ord7375
ord5472
ord6172
ord7404
ord7333
ord5035
ord5962
ord5502
ord7681
ord7795
ord7110
ord6866
ord6587
ord5338
ord7307
ord6749
ord5043
ord5863
ord5873
ord5869
ord7532
ord7747
ord7776
ord2197
ord4200
ord6976
ord7034
ord6357
ord6224
ord7181
ord5377
ord446
ord565
ord5998
ord6048
ord5091
ord7084
ord5470
ord798
ord440
ord443
ord5222
ord5243
ord5418
ord5124
ord7090
ord7743
ord144
ord439
ord6582
ord5092
ord5371
ord3416
ord705
ord7152
ord5331
ord7158
ord5497
ord7631
ord7533
ord3840
ord1212
ord1099
ord7619
ord1125
ord7151
ord7680
ord5510
ord5440
ord7244
ord5492
ord3567
ord5436
ord6136
ord1571
ord5218
ord143
ord959
ord743
ord615
ord3506
ord444
ord5410
ord685
ord7738
ord628
ord6647
ord191

kernel32

SetEnvironmentVariableA
CompareStringA
GetTimeZoneInformation
ReadFile
SetEndOfFile
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
InitializeCriticalSectionAndSpinCount
FreeLibrary
VirtualQuery
GetProcessHeap
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
VirtualAlloc
HeapReAlloc
HeapSize
HeapAlloc
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
OutputDebugStringW
WriteFile
FatalAppExitA
SetFilePointer
GetStartupInfoA
SetHandleCount
LoadLibraryW
SetConsoleCtrlHandler
ExitProcess
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleW
TlsGetValue
LoadLibraryA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
DebugBreak
GetModuleHandleA
GetProcAddress
IsBadReadPtr
HeapValidate
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CloseHandle
ExitThread
CreateThread
ResumeThread
RaiseException
DeleteFileA
GetLastError
GetStdHandle
GetFileType
WriteConsoleW
GetModuleFileNameW
RtlUnwind
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
OutputDebugStringA
Sleep
GetLocalTime
CompareStringW

user32

MessageBoxA

Exports

Exports

ArcExtract
AxbImage
BinImage
CountSeconds
CreateModel
CreateModelR
DetectLineWidth
EdgPtExtract
ExposImage
FIC
FitLine
FitLineX
GLS
GenSpline
GenSpline_tk
GetArcTop
GetChippingInfo
GetCircleScore
GetCircles
GetDecodeData
GetEdgPt
GetImgInfo
GetImgInfoP
GetKerfInfo
GetKerfInfoH
GetKerfInfoR
GetKerfNum
GetNumFound
GetOC
GetQRCodePts
GetRetFound
GetRetKerf
GetRotatedPt
Gradient
GradientE
HoughArcTop
HoughCircles
IQA
InitImpDll
KerfCheckA
KerfCheckH
LineMeasure
LutTrans
MeanDev
MinAreaRect
OCDetect
Orientation
QRCodeDetect
ReadModel
ReadModels
ReleaseImpDll
SaveImage
SearchModel
SetModelId
SetPara
WriteModel

Sections

.textbss
Size: - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 929KB - Virtual size: 929KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

361928e3dd5197cf245aa07d7715ef07

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

visioncpp

kernel32

user32

Exports

Exports

Sections

.textbss Size: - Virtual size: 446KB

.text Size: 929KB - Virtual size: 929KB

.rdata Size: 162KB - Virtual size: 162KB

.data Size: 8KB - Virtual size: 96KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 43KB - Virtual size: 43KB

.textbss
Size: - Virtual size: 446KB

.text
Size: 929KB - Virtual size: 929KB

.rdata
Size: 162KB - Virtual size: 162KB

.data
Size: 8KB - Virtual size: 96KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 43KB - Virtual size: 43KB