06ad484d51214c0333e2d41a715601af171ed39341623aae4b7173fb78378cf0

Sharing

Copy URL Twitter E-mail

General

Target

06ad484d51214c0333e2d41a715601af171ed39341623aae4b7173fb78378cf0
Size

782KB
MD5

f6160e22cf4c54038c3aab33073af70c
SHA1

903fb2f0268011b0afb2af12f6a99a3bdda31ef0
SHA256

06ad484d51214c0333e2d41a715601af171ed39341623aae4b7173fb78378cf0
SHA512

8c9a132c508a8cbb90f5691d1ce9d6fdb7024883efed4ec0b214f0a979280c180815c6c764870a3394a66ee2a98729b125a2271a525ce333a7fbd926fb0b8303
SSDEEP

12288:SNueyQSPMC0ybTgpWpBZ9F/iUPCLCsn/6oz1ENF8qX:SYey3PTbTrvkyCLCw6qaNSq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ad484d51214c0333e2d41a715601af171ed39341623aae4b7173fb78378cf0

Files

06ad484d51214c0333e2d41a715601af171ed39341623aae4b7173fb78378cf0
.exe windows:6 windows x64 arch:x64

d9f5a01e41f36d348c410ff48c12d74a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\dev\ocrengine\bin\x64\Release\2345OCRExecutor.pdb

Imports

paddle_inference

??$CopyToCpu@M@Tensor@paddle_infer@@QEAAXPEAM@Z
?SetTRTDynamicShapeInfo@AnalysisConfig@paddle@@QEAAXV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$vector@HV?$allocator@H@std@@@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$vector@HV?$allocator@H@std@@@2@@std@@@2@@std@@00_N@Z
?SetMkldnnCacheCapacity@AnalysisConfig@paddle@@QEAAXH@Z
??1Tensor@paddle_infer@@QEAA@XZ
?SwitchIrOptim@AnalysisConfig@paddle@@QEAAXH@Z
?SwitchUseFeedFetchOps@AnalysisConfig@paddle@@QEAAXH@Z
?SwitchSpecifyInputNames@AnalysisConfig@paddle@@QEAAX_N@Z
??0AnalysisConfig@paddle@@QEAA@XZ
??1AnalysisConfig@paddle@@QEAA@XZ
?SetModel@AnalysisConfig@paddle@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?EnableUseGpu@AnalysisConfig@paddle@@QEAAX_KH@Z
?DisableGpu@AnalysisConfig@paddle@@QEAAXXZ
?EnableTensorRtEngine@AnalysisConfig@paddle@@QEAAXHHHW4Precision@12@_N1@Z
?EnableMKLDNN@AnalysisConfig@paddle@@QEAAXXZ
?SetCpuMathLibraryNumThreads@AnalysisConfig@paddle@@QEAAXH@Z
?EnableMemoryOptim@AnalysisConfig@paddle@@QEAAXXZ
?DisableGlogInfo@AnalysisConfig@paddle@@QEAAXXZ
?CreatePredictor@paddle_infer@@YA?AV?$shared_ptr@VPredictor@paddle_infer@@@std@@AEBUAnalysisConfig@paddle@@@Z
?GetInputNames@Predictor@paddle_infer@@QEAA?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?GetInputHandle@Predictor@paddle_infer@@QEAA?AV?$unique_ptr@VTensor@paddle_infer@@U?$default_delete@VTensor@paddle_infer@@@std@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?Run@Predictor@paddle_infer@@QEAA_NXZ
?GetOutputNames@Predictor@paddle_infer@@QEAA?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?GetOutputHandle@Predictor@paddle_infer@@QEAA?AV?$unique_ptr@VTensor@paddle_infer@@U?$default_delete@VTensor@paddle_infer@@@std@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?Reshape@Tensor@paddle_infer@@QEAAXAEBV?$vector@HV?$allocator@H@std@@@std@@@Z
??$CopyFromCpu@M@Tensor@paddle_infer@@QEAAXPEBM@Z
?shape@Tensor@paddle_infer@@QEBA?AV?$vector@HV?$allocator@H@std@@@std@@XZ

opencv_world451

?copyTo@Mat@cv@@QEBAXAEBV_OutputArray@2@@Z
?imread@cv@@YA?AVMat@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?polylines@cv@@YAXAEBV_InputOutputArray@1@PEBQEBV?$Point_@H@1@PEBHH_NAEBV?$Scalar_@N@1@HHH@Z
?imwrite@cv@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV_InputArray@1@AEBV?$vector@HV?$allocator@H@std@@@3@@Z
?split@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@@Z
?resize@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@V?$Size_@H@1@NNH@Z
?copyMakeBorder@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@HHHHHAEBV?$Scalar_@N@1@@Z
?merge@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@@Z
?extractChannel@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@H@Z
?convertTo@Mat@cv@@QEBAXAEBV_OutputArray@2@HNN@Z
?findContours@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@1HHV?$Point_@H@1@@Z
?minAreaRect@cv@@YA?AVRotatedRect@1@AEBV_InputArray@1@@Z
?boxPoints@cv@@YAXVRotatedRect@1@AEBV_OutputArray@1@@Z
?fillPoly@cv@@YAXAEBV_InputOutputArray@1@PEAPEBV?$Point_@H@1@PEBHHAEBV?$Scalar_@N@1@HHV31@@Z
?mean@cv@@YA?AV?$Scalar_@N@1@AEBV_InputArray@1@0@Z
?zeros@Mat@cv@@SA?AVMatExpr@2@HHH@Z
?transpose@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@@Z
?flip@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@H@Z
?warpPerspective@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@0V?$Size_@H@1@HHAEBV?$Scalar_@N@1@@Z
??0Mat@cv@@QEAA@AEBV01@AEBV?$Rect_@H@1@@Z
??0Mat@cv@@QEAA@HHH@Z
??4Mat@cv@@QEAAAEAV01@$$QEAV01@@Z
?getPerspectiveTransform@cv@@YA?AVMat@1@QEBV?$Point_@M@1@0H@Z
?getStructuringElement@cv@@YA?AVMat@1@HV?$Size_@H@1@V?$Point_@H@1@@Z
??0Mat@cv@@QEAA@HHHPEAX_K@Z
??0Mat@cv@@QEAA@AEBV01@@Z
?threshold@cv@@YANAEBV_InputArray@1@AEBV_OutputArray@1@NNH@Z
?dilate@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@0V?$Point_@H@1@HHAEBV?$Scalar_@N@1@@Z
?rotate@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@H@Z
??0Mat@cv@@QEAA@$$QEAV01@@Z
??0Mat@cv@@QEAA@XZ
??1Mat@cv@@QEAA@XZ

kernel32

LoadLibraryW
ResetEvent
WriteConsoleW
HeapSize
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetFileType
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitThread
GetModuleHandleExW
ExitProcess
RaiseException
RtlPcToFileHeader
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
OutputDebugStringA
GetLogicalProcessorInformation
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
CloseHandle
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetExitCodeThread
QueryPerformanceCounter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WaitForSingleObject
ReleaseMutex
OpenMutexW
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
GetACP
GetModuleFileNameW
RtlUnwind
FreeLibrary
LoadLibraryExW
CreateFileW
HeapFree
GetVersionExW
HeapAlloc
GetProcessHeap
ReadFile
WriteFile
SetEndOfFile
GetFullPathNameW
lstrlenW
FindNextFileW
FindClose
InitializeCriticalSection
CreateTimerQueue
SetEvent
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority

Sections

.text
Size: 486KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9f5a01e41f36d348c410ff48c12d74a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

paddle_inference

opencv_world451

kernel32

Sections

.text Size: 486KB - Virtual size: 485KB

.rdata Size: 183KB - Virtual size: 182KB

.data Size: 12KB - Virtual size: 20KB

.pdata Size: 26KB - Virtual size: 26KB

.rsrc Size: 69KB - Virtual size: 68KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 486KB - Virtual size: 485KB

.rdata
Size: 183KB - Virtual size: 182KB

.data
Size: 12KB - Virtual size: 20KB

.pdata
Size: 26KB - Virtual size: 26KB

.rsrc
Size: 69KB - Virtual size: 68KB

.reloc
Size: 5KB - Virtual size: 4KB