General

  • Target

    itksnap-4.0.1-20230320-win64-AMD64.exe

  • Size

    53.7MB

  • MD5

    43ddfddd99f0d5acd4c4905f4ea19b6b

  • SHA1

    8686671e0d08321baa812d687b935838a6217015

  • SHA256

    2b0d915172fe5b670c05e2fd6d18b81825edb9c2f2724c551a251a2b03196521

  • SHA512

    1942e3973b50ba428f0f923e34190fc2cbaa9a10e7f272f94de163eafd6b66d4492ec27c7063a2636333f48ebb104b3adf1d72a9fc475bea9dbe1a7e28627540

  • SSDEEP

    786432:oJTvnwas5DT27srFLYcWiBkNM0XmgO/rtMTC3AFyMaLYL018LKwOuj+V5CVlV:oh4aGeQexM6WaGwQVY418cV5OV

Score
3/10

Malware Config

Signatures

  • Unsigned PE 17 IoCs

    Checks for missing Authenticode signature.

Files

  • itksnap-4.0.1-20230320-win64-AMD64.exe
    .exe windows:4 windows x86 arch:x86

    56a78d55f3f7af51443e58e0ce2fb5f6

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    4b45b7e00344a87332fbd12653854d1a

  • $PLUGINSDIR/NSIS.InstallOptions.ini
  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    5e62e8e248e7364886b604bd1fcf4c13

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    56a78d55f3f7af51443e58e0ce2fb5f6

  • bin/ITK-SNAP.exe
    .exe windows:6 windows x64 arch:x64

    9c4d43f95540d207523019371365273f

  • bin/Qt6Core.dll
    .dll windows:6 windows x64 arch:x64

    68a5f603c75c1cbbef00a1af6b8bd6e7

    Code Sign

  • bin/Qt6Gui.dll
    .dll windows:6 windows x64 arch:x64

    a3d2c152601e803ab0725fc0679e7156

    Code Sign

  • bin/Qt6Network.dll
    .dll windows:6 windows x64 arch:x64

    908b808d1d669d84b0511afa2aa1976d

    Code Sign

  • bin/Qt6OpenGL.dll
    .dll windows:6 windows x64 arch:x64

    6ace80b327e7039551415e5caebf5eff

    Code Sign

  • bin/Qt6OpenGLWidgets.dll
    .dll windows:6 windows x64 arch:x64

    8611247ac8c7b5d9b46bb69fe07c23be

    Code Sign

  • bin/Qt6Qml.dll
    .dll windows:6 windows x64 arch:x64

    21d3def7ed47e0cd8dabcac410bce517

    Code Sign

  • bin/Qt6Widgets.dll
    .dll windows:6 windows x64 arch:x64

    314be575e07273b2a063691d85ef6280

    Code Sign

  • bin/c2d.exe
    .exe windows:6 windows x64 arch:x64

    6ecc04b648f5ad7821b29d9b1e7a6148

  • bin/c3d.exe
    .exe windows:6 windows x64 arch:x64

    6ecc04b648f5ad7821b29d9b1e7a6148

  • bin/c3d_affine_tool.exe
    .exe windows:6 windows x64 arch:x64

    97620423f477ac149d059f57fd0ef10e

  • bin/c4d.exe
    .exe windows:6 windows x64 arch:x64

    6ecc04b648f5ad7821b29d9b1e7a6148

  • bin/dbghelp.dll
    .dll windows:10 windows x86 arch:x86

    078083409ff1dc99cb8c1e88a81cb139

    Code Sign

  • bin/greedy.exe
    .exe windows:6 windows x64 arch:x64

    296b562daedab73b65d7d0a01e6e2521

  • bin/greedy_template_average.exe
    .exe windows:6 windows x64 arch:x64

    91d7d29095722b9b65ca68d97c91d7d2

  • bin/imageformats/qgif.dll
    .dll windows:6 windows x64 arch:x64

    c4e842cf941556f8b7afdf083e1f38a2

    Code Sign

  • bin/itksnap-wt.exe
    .exe windows:6 windows x64 arch:x64

    cfee98dc31c21a90377782634a269fa7

  • bin/libcurl.dll
    .dll windows:6 windows x64 arch:x64

    11d73e7002f6bc350032de80b7f4ddad

  • bin/platforms/qwindows.dll
    .dll windows:6 windows x64 arch:x64

    7d0b691287e0fb513d350d3c7b46085e

    Code Sign

  • bin/zlib1.dll
    .dll windows:6 windows x64 arch:x64

    d879d2294039900ef484e0f01607f882

  • include/ConvertAPI.h
  • lib/cnd_api.lib
  • lib/cnd_driver.lib
  • lib/cnd_maxflow.lib