658b608725d518d0fff0184f9c6e48d80f2a1afd6c55b36cbaa00a6cec67949c

Sharing

Copy URL Twitter E-mail

General

Target

658b608725d518d0fff0184f9c6e48d80f2a1afd6c55b36cbaa00a6cec67949c
Size

306KB
MD5

280fa8c073c3508d84a98ed7ff6a925e
SHA1

7c62887c1aebde2babf771c39454ee586bf5d6bd
SHA256

658b608725d518d0fff0184f9c6e48d80f2a1afd6c55b36cbaa00a6cec67949c
SHA512

f4b9f9d56e362e41eb9b83518ed2c6411b9d2b4a70aeb565225ca2070983c706bb08e47d61c3be2255a69c09b93f06a8cf1d17cd1b19001b719adcb092eb8111
SSDEEP

6144:TRxMIHWP0bUtZIWqt8DWHs3jhb4wcwl/9ZRvQQEkr/a:TRlvb+HE8SHs3dv/T58kr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
658b608725d518d0fff0184f9c6e48d80f2a1afd6c55b36cbaa00a6cec67949c

Files

658b608725d518d0fff0184f9c6e48d80f2a1afd6c55b36cbaa00a6cec67949c
.dll windows:6 windows x64 arch:x64

cb99134500e839a794ef7da8b0cfbc3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\Documents\vcpkg\buildtrees\imath\x64-o1-windows-rel\bin\Imath-3_1.pdb

Imports

msvcp140

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exception@std@@YA_NXZ

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
__std_terminate

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

sqrt
sqrtf
floor
_dclass
_fdclass

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm_e
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm
_seh_filter_dll

kernel32

IsDebuggerPresent
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlCaptureContext
InitializeSListHead
DisableThreadLibraryCalls

Exports

Exports

??$jacobiEigenSolver@M@Imath_3_1@@YAXAEAV?$Matrix33@M@0@AEAV?$Vec3@M@0@0M@Z
??$jacobiEigenSolver@M@Imath_3_1@@YAXAEAV?$Matrix44@M@0@AEAV?$Vec4@M@0@0M@Z
??$jacobiEigenSolver@N@Imath_3_1@@YAXAEAV?$Matrix33@N@0@AEAV?$Vec3@N@0@0N@Z
??$jacobiEigenSolver@N@Imath_3_1@@YAXAEAV?$Matrix44@N@0@AEAV?$Vec4@N@0@0N@Z
??$jacobiSVD@M@Imath_3_1@@YAXAEBV?$Matrix33@M@0@AEAV10@AEAV?$Vec3@M@0@1M_N@Z
??$jacobiSVD@M@Imath_3_1@@YAXAEBV?$Matrix44@M@0@AEAV10@AEAV?$Vec4@M@0@1M_N@Z
??$jacobiSVD@N@Imath_3_1@@YAXAEBV?$Matrix33@N@0@AEAV10@AEAV?$Vec3@N@0@1N_N@Z
??$jacobiSVD@N@Imath_3_1@@YAXAEBV?$Matrix44@N@0@AEAV10@AEAV?$Vec4@N@0@1N_N@Z
??$maxEigenVector@V?$Matrix33@M@Imath_3_1@@V?$Vec3@M@2@@Imath_3_1@@YAXAEAV?$Matrix33@M@0@AEAV?$Vec3@M@0@@Z
??$maxEigenVector@V?$Matrix33@N@Imath_3_1@@V?$Vec3@N@2@@Imath_3_1@@YAXAEAV?$Matrix33@N@0@AEAV?$Vec3@N@0@@Z
??$maxEigenVector@V?$Matrix44@M@Imath_3_1@@V?$Vec4@M@2@@Imath_3_1@@YAXAEAV?$Matrix44@M@0@AEAV?$Vec4@M@0@@Z
??$maxEigenVector@V?$Matrix44@N@Imath_3_1@@V?$Vec4@N@2@@Imath_3_1@@YAXAEAV?$Matrix44@N@0@AEAV?$Vec4@N@0@@Z
??$minEigenVector@V?$Matrix33@M@Imath_3_1@@V?$Vec3@M@2@@Imath_3_1@@YAXAEAV?$Matrix33@M@0@AEAV?$Vec3@M@0@@Z
??$minEigenVector@V?$Matrix33@N@Imath_3_1@@V?$Vec3@N@2@@Imath_3_1@@YAXAEAV?$Matrix33@N@0@AEAV?$Vec3@N@0@@Z
??$minEigenVector@V?$Matrix44@M@Imath_3_1@@V?$Vec4@M@2@@Imath_3_1@@YAXAEAV?$Matrix44@M@0@AEAV?$Vec4@M@0@@Z
??$minEigenVector@V?$Matrix44@N@Imath_3_1@@V?$Vec4@N@2@@Imath_3_1@@YAXAEAV?$Matrix44@N@0@AEAV?$Vec4@N@0@@Z
??$procrustesRotationAndTranslation@M@Imath_3_1@@YA?AV?$Matrix44@N@0@PEBV?$Vec3@M@0@0PEBM_K_N@Z
??$procrustesRotationAndTranslation@M@Imath_3_1@@YA?AV?$Matrix44@N@0@PEBV?$Vec3@M@0@0_K_N@Z
??$procrustesRotationAndTranslation@N@Imath_3_1@@YA?AV?$Matrix44@N@0@PEBV?$Vec3@N@0@0PEBN_K_N@Z
??$procrustesRotationAndTranslation@N@Imath_3_1@@YA?AV?$Matrix44@N@0@PEBV?$Vec3@N@0@0_K_N@Z
??5@YAAEAV?$basic_istream@DU?$char_traits@D@std@@@std@@AEAV01@AEAVhalf@Imath_3_1@@@Z
??6@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AEAV01@Vhalf@Imath_3_1@@@Z
?drand48@Imath_3_1@@YANXZ
?erand48@Imath_3_1@@YANQEAG@Z
?hsv2rgb_d@Imath_3_1@@YA?AV?$Color4@N@1@AEBV21@@Z
?hsv2rgb_d@Imath_3_1@@YA?AV?$Vec3@N@1@AEBV21@@Z
?identity22d@Imath_3_1@@3V?$Matrix22@N@1@A
?identity22f@Imath_3_1@@3V?$Matrix22@M@1@A
?identity33d@Imath_3_1@@3V?$Matrix33@N@1@A
?identity33f@Imath_3_1@@3V?$Matrix33@M@1@A
?identity44d@Imath_3_1@@3V?$Matrix44@N@1@A
?identity44f@Imath_3_1@@3V?$Matrix44@M@1@A
?lrand48@Imath_3_1@@YAJXZ
?nextf@Rand32@Imath_3_1@@QEAAMXZ
?nrand48@Imath_3_1@@YAJQEAG@Z
?predd@Imath_3_1@@YANN@Z
?predf@Imath_3_1@@YAMM@Z
?printBits@@YAXAEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@M@Z
?printBits@@YAXAEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@Vhalf@Imath_3_1@@@Z
?printBits@@YAXQEADM@Z
?printBits@@YAXQEADVhalf@Imath_3_1@@@Z
?rgb2hsv_d@Imath_3_1@@YA?AV?$Color4@N@1@AEBV21@@Z
?rgb2hsv_d@Imath_3_1@@YA?AV?$Vec3@N@1@AEBV21@@Z
?srand48@Imath_3_1@@YAXJ@Z
?succd@Imath_3_1@@YANN@Z
?succf@Imath_3_1@@YAMM@Z
imath_half_to_float_table

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb99134500e839a794ef7da8b0cfbc3c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 265KB - Virtual size: 264KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 60B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 265KB - Virtual size: 264KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 60B