28e071fe50bd3404fe5c8e2fa9e37870N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

28e071fe50bd3404fe5c8e2fa9e37870N.exe
Size

207KB
MD5

28e071fe50bd3404fe5c8e2fa9e37870
SHA1

a525b8fd9589d4faeba5146b2f1047a734f7d24f
SHA256

edff76f207b01d3adcdd44caef8b408f875ff40184dd6f1a4a228b1f14f82212
SHA512

5e415acc07585d5e704aebcde7ae8ce594447a1e30dd4c050b9fc901241e42fde9965f547cfa6ac1be5abe4bebc6f2d4a3c1ebe34b10a7d0f7134f1b5bf10231
SSDEEP

6144:ooknQN35sVGq1HMkcGMRDOHTKj4T3kW3Bc:ooknQLrtGMRw+4T3kUBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e071fe50bd3404fe5c8e2fa9e37870N.exe

Files

28e071fe50bd3404fe5c8e2fa9e37870N.exe
.exe windows:5 windows x86 arch:x86

51596f0f30f94c9b8ddf648edd92f65e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\sddpcb_Exec\GenerateECO\ix2k\GenerateECO.pdb

Imports

icdbpi

?SetStringResultsEnabled@Result@iCDB@@SAX_N@Z
??4String@iCDB@@QAEAAV01@PBD@Z
??1ProjectData@iCDB@@QAE@XZ
??0Result@iCDB@@QAE@XZ
??0ProjectData@iCDB@@QAE@XZ
??1ListAttribute@iCDB@@QAE@XZ
??1?$ListT@UAttribute@iCDB@@@iCDB@@QAE@XZ
??M?$StringT@D@iCDB@@QBE_NABV01@@Z
??0?$IteratorT@$$CBVICesComp@iCDB@@@iCDB@@QAE@XZ
??0?$IteratorT@$$CBVICesPin@iCDB@@@iCDB@@QAE@XZ
??0?$ContainerT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAE@XZ
??0?$ContainerT@$$CBVICesPart@iCDB@@@iCDB@@QAE@XZ
??0?$IteratorT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAE@XZ
??0?$IteratorT@$$CBVIFlatNet@iCDB@@@iCDB@@QAE@XZ
??0?$ContainerT@$$CBVIPin@iCDB@@@iCDB@@QAE@XZ
?OpenCDB@CDBPI@iCDB@@QAE?AUResult@2@AAUProjectData@2@@Z
??1?$ContainerT@$$CBVICesConfig@iCDB@@@iCDB@@QAE@XZ
??4Result@iCDB@@QAEAAU01@ABU01@@Z
?GetDescription@Result@iCDB@@QBE?AVString@2@_N@Z
??BString@iCDB@@QBEPBDXZ
?GetSnapshotByName@CDBPI@iCDB@@QAE?AUResult@2@AAV?$ContainerT@$$CBVISnapshot@iCDB@@@2@ABVString@2@@Z
??C?$ContainerT@$$CBVISnapshot@iCDB@@@iCDB@@QAEPBVISnapshot@1@XZ
?GetCesConfig@ISnapshot@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVICesConfig@iCDB@@@2@ABVString@2@@Z
??MIndex@iCDB@@QBE_NABU01@@Z
??1?$StringT@D@iCDB@@QAE@XZ
??4?$ContainerT@$$CBVIFlatNet@iCDB@@@iCDB@@QAEABV01@ABV01@@Z
??0?$ContainerT@$$CBVIFlatNet@iCDB@@@iCDB@@QAE@ABV01@@Z
??C?$ContainerT@$$CBVICesConfig@iCDB@@@iCDB@@QAEPBVICesConfig@1@XZ
?GetIterCesComps@ICesConfig@iCDB@@QBE?AUResult@2@AAV?$IteratorT@$$CBVICesComp@iCDB@@@2@@Z
?IsValid@?$IteratorT@$$CBVICesComp@iCDB@@@iCDB@@QAE?AUResult@2@XZ
?GetIndex@IObject@iCDB@@QBE?AUResult@2@AAUIndex@2@@Z
?GetParentPart@ICesComp@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVICesPart@iCDB@@@2@@Z
??C?$ContainerT@$$CBVICesPart@iCDB@@@iCDB@@QAEPBVICesPart@1@XZ
??_5?$BitContainerT@W4ECesPinType@iCDB@@$00@iCDB@@QAEAAV01@ABW4ECesPinType@1@@Z
?GetIterPins@ICesComp@iCDB@@QBE?AUResult@2@AAV?$IteratorT@$$CBVICesPin@iCDB@@@2@ABV?$BitContainerT@W4ECesPinType@iCDB@@$00@2@@Z
?IsValid@?$IteratorT@$$CBVICesPin@iCDB@@@iCDB@@QAE?AUResult@2@XZ
??C?$ContainerT@$$CBVICesPin@iCDB@@@iCDB@@QAEPBVICesPin@1@XZ
?GetParentPhysicalNet@ICesPin@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVICesPhysicalNet@iCDB@@@2@@Z
??C?$ContainerT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAEPBVICesPhysicalNet@1@XZ
??E?$IteratorT@$$CBVICesPin@iCDB@@@iCDB@@QAEABV01@XZ
??E?$IteratorT@$$CBVICesComp@iCDB@@@iCDB@@QAEABV01@XZ
?GetIterPhysicalNets@ICesConfig@iCDB@@QBE?AUResult@2@AAV?$IteratorT@$$CBVICesPhysicalNet@iCDB@@@2@@Z
?IsValid@?$IteratorT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAE?AUResult@2@XZ
??1?$ContainerT@$$CBVIPin@iCDB@@@iCDB@@QAE@XZ
??1?$IteratorT@$$CBVIFlatNet@iCDB@@@iCDB@@QAE@XZ
??1?$IteratorT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAE@XZ
??1?$ContainerT@$$CBVICesPart@iCDB@@@iCDB@@QAE@XZ
??1?$ContainerT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAE@XZ
??1?$IteratorT@$$CBVICesPin@iCDB@@@iCDB@@QAE@XZ
??1?$IteratorT@$$CBVICesComp@iCDB@@@iCDB@@QAE@XZ
?GetIterPins@ICesPhysicalNet@iCDB@@QBE?AUResult@2@AAV?$IteratorT@$$CBVICesPin@iCDB@@@2@ABV?$BitContainerT@W4ECesPinType@iCDB@@$00@2@@Z
??E?$IteratorT@$$CBVICesPhysicalNet@iCDB@@@iCDB@@QAEABV01@XZ
?GetAttribute@IObjectCes@iCDB@@QBE?AUResult@2@ABVString@2@AAV42@@Z
??0?$BitContainerT@W4ECesPinType@iCDB@@$00@iCDB@@QAE@ABW4ECesPinType@1@@Z
?GetPin@ICesPin@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVIPin@iCDB@@@2@@Z
?GetPath@IPin@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVIPath@iCDB@@@2@@Z
?GetFlatNet@ICesPhysicalNet@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVIFlatNet@iCDB@@@2@@Z
??0?$ContainerT@$$CBVICesComp@iCDB@@@iCDB@@QAE@XZ
?GetParentCesComp@ICesPin@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVICesComp@iCDB@@@2@@Z
??1?$ContainerT@$$CBVICesComp@iCDB@@@iCDB@@QAE@XZ
??_5?$BitContainerT@W4ESearchParams@iCDB@@$00@iCDB@@QAEAAV01@ABW4ESearchParams@1@@Z
??0?$ContainerT@$$CBVIFlatNet@iCDB@@@iCDB@@QAE@XZ
??1?$ContainerT@$$CBVIFlatNet@iCDB@@@iCDB@@QAE@XZ
??0?$IteratorT@$$CBVINet@iCDB@@@iCDB@@QAE@XZ
??0?$ContainerT@$$CBVIPath@iCDB@@@iCDB@@QAE@XZ
??D?$ContainerT@$$CBVIFlatNet@iCDB@@@iCDB@@QAEABVIFlatNet@1@XZ
?GetIterNetsConnected@IFlatNet@iCDB@@QBE?AUResult@2@AAV?$IteratorT@$$CBVINet@iCDB@@@2@@Z
?IsValid@?$IteratorT@$$CBVINet@iCDB@@@iCDB@@QAE?AUResult@2@XZ
??C?$ContainerT@$$CBVINet@iCDB@@@iCDB@@QAEPBVINet@1@XZ
?GetLabel@INet@iCDB@@QBE?AUResult@2@AAVString@2@@Z
?GetPath@INet@iCDB@@QBE?AUResult@2@AAV?$ContainerT@$$CBVIPath@iCDB@@@2@@Z
??C?$ContainerT@$$CBVIPath@iCDB@@@iCDB@@QAEPBVIPath@1@XZ
?GetHierarchicalName@IPath@iCDB@@QBE?AUResult@2@AAVString@2@D@Z
?IsEmpty@?$StringT@D@iCDB@@QBE_NXZ
??HString@iCDB@@QAE?AV01@PBD@Z
??HString@iCDB@@QAE?AV01@ABV01@@Z
??E?$IteratorT@$$CBVINet@iCDB@@@iCDB@@QAEABV01@XZ
??1?$ContainerT@$$CBVIPath@iCDB@@@iCDB@@QAE@XZ
??1?$IteratorT@$$CBVINet@iCDB@@@iCDB@@QAE@XZ
??0?$BitContainerT@W4ESearchParams@iCDB@@$00@iCDB@@QAE@ABW4ESearchParams@1@@Z
?Compare@String@iCDB@@QBEHABV12@ABV?$BitContainerT@W4ESearchParams@iCDB@@$00@2@@Z
??C?$ContainerT@$$CBVIPin@iCDB@@@iCDB@@QAEPBVIPin@1@XZ
?GetAttributes@IPin@iCDB@@QBE?AUResult@2@AAVListAttribute@2@@Z
??0?$ListT@UAttribute@iCDB@@@iCDB@@QAE@XZ
??C?$ContainerT@$$CBVICesComp@iCDB@@@iCDB@@QAEPBVICesComp@1@XZ
?GetAttributes@IObjectCes@iCDB@@QBE?AUResult@2@AAVListAttribute@2@@Z
?Unique@ListAttribute@iCDB@@QAE_N_N0@Z
?GetIterator@?$ListT@UAttribute@iCDB@@@iCDB@@QAE?AVIterator@12@XZ
?IsValid@Iterator@?$ListT@UAttribute@iCDB@@@iCDB@@QBE_NXZ
??CIterator@?$ListT@UAttribute@iCDB@@@iCDB@@QAEPAUAttribute@2@XZ
??DIterator@?$ListT@UAttribute@iCDB@@@iCDB@@QAEAAUAttribute@2@XZ
??BIndex@iCDB@@QBE_KXZ
??8Index@iCDB@@QAE_N_K@Z
?IsEmpty@Index@iCDB@@QBE_NXZ
??0Index@iCDB@@QAE@XZ
??0String@iCDB@@QAE@XZ
??4String@iCDB@@QAEAAV01@ABV01@@Z
??0String@iCDB@@QAE@ABV01@@Z
??0String@iCDB@@QAE@PBD@Z
??1String@iCDB@@QAE@XZ
?CloseCDB@CDBPI@iCDB@@QAE?AUResult@2@XZ
??1Result@iCDB@@UAE@XZ
??0CDBPI@iCDB@@QAE@XZ
??0?$ContainerT@$$CBVISnapshot@iCDB@@@iCDB@@QAE@XZ
??0?$ContainerT@$$CBVICesConfig@iCDB@@@iCDB@@QAE@XZ
??1CDBPI@iCDB@@UAE@XZ
??1?$ContainerT@$$CBVISnapshot@iCDB@@@iCDB@@QAE@XZ
??EIterator@?$ListT@UAttribute@iCDB@@@iCDB@@QBEABV012@XZ

mfc90

ord2082
ord4479
ord2481
ord3013
ord404
ord5520
ord3718
ord4145
ord1555
ord1252
ord406
ord2490
ord2501
ord4308
ord3010
ord665
ord5963
ord942
ord2698
ord5923
ord2691
ord5835
ord2327
ord4507
ord4506
ord1339
ord1607
ord4392
ord2480
ord5997
ord2672
ord941
ord945
ord2539
ord300
ord6676
ord6682
ord1603
ord3213
ord305
ord1611
ord817
ord265
ord899
ord4431
ord1114
ord1174
ord793
ord589
ord1275
ord820
ord316
ord310
ord601
ord798
ord800
ord663

msvcr90

__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
sprintf
islower
toupper
isdigit
memset
_getcwd
strncmp
_stat32
strchr
_mbclen
_mbsrchr
_mbschr
strrchr
fflush
fopen
fclose
_access
_vsnprintf
memcpy
fwrite
srand
_initterm
_time32
_ctime32
_difftime32
fprintf
getenv
atoi
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_controlfp_s
_invoke_watson
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_localtime64_s
_crt_debugger_hook
_except_handler4_common
_time64
strftime
rand

kernel32

GetDateFormatA
InterlockedExchange
CreateDirectoryA
RemoveDirectoryA
Sleep
MoveFileA
CopyFileA
GetCurrentDirectoryA
FormatMessageA
LocalFree
FindClose
FindFirstFileA
GetFileAttributesA
GetLastError
DeleteFileA
GetCommandLineA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedCompareExchange
VerifyVersionInfoA
VerSetConditionMask
GetProcAddress
SetThreadLocale
GetThreadLocale
GetTimeFormatA

msvcp90

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

projectfileutilities

?GetiCDBDir@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetPCBRootBlock@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetiCDBDedicatedServerName@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetFrontEndSnapshot@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetActiveiCDBDesign@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?SetActiveiCDBDesign@CProjectFileUtils@@QAEHPBD@Z
?GetPCBPath@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetProjectFilePath@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetPCBDesign@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?CloseProjectFile@CProjectFileUtils@@QAEXXZ
??0CProjectFileUtils@@QAE@PBD@Z
??1CProjectFileUtils@@QAE@XZ
?OpenProjectFile@CProjectFileUtils@@QAEHPBD@Z
?GetFlowType@CProjectFileUtils@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51596f0f30f94c9b8ddf648edd92f65e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

icdbpi

mfc90

msvcr90

kernel32

msvcp90

projectfileutilities

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 74KB - Virtual size: 76KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 74KB - Virtual size: 76KB