3aef68f51ccd275f2d22f8e1cba2b7e659a8cf19aa9e6d2d33206feeaeabe234N

Sharing

Copy URL Twitter E-mail

General

Target

3aef68f51ccd275f2d22f8e1cba2b7e659a8cf19aa9e6d2d33206feeaeabe234N
Size

173KB
MD5

a6c2b3084ea78cff6670f3d26ff6cf60
SHA1

f60f2a53cb84aa9d92af02be223c1126db36bb73
SHA256

3aef68f51ccd275f2d22f8e1cba2b7e659a8cf19aa9e6d2d33206feeaeabe234
SHA512

8e9ebe5725a7f9489404a461bb3673e54743282a5fa5f5c51b897565d90d3a7aa58d5c315cd1a6e86ed4e9db505f3371da89d7dfb74368e722c37adc4a96692f
SSDEEP

3072:0Zlq+THQhlxbK3XQYJngoz8R2o3X3Nx8nxABt:0ZlqgwhlxkQUg68R7dx8nxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aef68f51ccd275f2d22f8e1cba2b7e659a8cf19aa9e6d2d33206feeaeabe234N

Files

3aef68f51ccd275f2d22f8e1cba2b7e659a8cf19aa9e6d2d33206feeaeabe234N
.dll windows:6 windows x64 arch:x64

1b9a88f08301954e85ddfc0f5b6cf575

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

geode-simplex_metric

?build_metric@BRepMetricConstraints@geode@@QEAAAEBV?$Metric@$02@2@XZ
?set_triangulated_surface_metric@BRepMetricConstraints@geode@@QEAAXAEAV?$TriangulatedSurface@$02@2@N@Z
?set_edged_curve_metric@BRepMetricConstraints@geode@@QEAAXAEBV?$EdgedCurve@$02@2@N@Z
?set_point_set_metric@BRepMetricConstraints@geode@@QEAAXAEBV?$PointSet@$02@2@N@Z
?block_metric@BRepMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Block@$02@2@@Z
?set_block_metric@BRepMetricConstraints@geode@@QEAAXAEBV?$Block@$02@2@N@Z
?surface_metric@BRepMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Surface@$02@2@@Z
?set_surface_metric@BRepMetricConstraints@geode@@QEAAXAEBV?$Surface@$02@2@N@Z
?line_metric@BRepMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Line@$02@2@@Z
?set_line_metric@BRepMetricConstraints@geode@@QEAAXAEBV?$Line@$02@2@N@Z
?corner_metric@BRepMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Corner@$02@2@@Z
?set_corner_metric@BRepMetricConstraints@geode@@QEAAXAEBV?$Corner@$02@2@N@Z
?gradation@BRepMetricConstraints@geode@@QEBANXZ
?set_gradation@BRepMetricConstraints@geode@@QEAAXN@Z
?default_metric@BRepMetricConstraints@geode@@QEBANXZ
?set_default_metric@BRepMetricConstraints@geode@@QEAAXN@Z
?export_constraints@BRepMetricConstraints@geode@@QEAAXV?$basic_string_view@DU?$char_traits@D@std@@@std@@@Z
?import_constraints@BRepMetricConstraints@geode@@QEAAXV?$basic_string_view@DU?$char_traits@D@std@@@std@@@Z
??1BRepMetricConstraints@geode@@QEAA@XZ
??0BRepMetricConstraints@geode@@QEAA@AEBVBRep@1@@Z
?build_metric@SectionMetricConstraints@geode@@QEAAAEBV?$Metric@$01@2@XZ
?set_triangulated_surface_metric@SectionMetricConstraints@geode@@QEAAXAEAV?$TriangulatedSurface@$01@2@N@Z
?set_edged_curve_metric@SectionMetricConstraints@geode@@QEAAXAEBV?$EdgedCurve@$01@2@N@Z
?set_point_set_metric@SectionMetricConstraints@geode@@QEAAXAEBV?$PointSet@$01@2@N@Z
?surface_metric@SectionMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Surface@$01@2@@Z
?set_surface_metric@SectionMetricConstraints@geode@@QEAAXAEBV?$Surface@$01@2@N@Z
?line_metric@SectionMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Line@$01@2@@Z
?set_line_metric@SectionMetricConstraints@geode@@QEAAXAEBV?$Line@$01@2@N@Z
?corner_metric@SectionMetricConstraints@geode@@QEBA?AV?$optional@N@std@@AEBV?$Corner@$01@2@@Z
?set_corner_metric@SectionMetricConstraints@geode@@QEAAXAEBV?$Corner@$01@2@N@Z
?gradation@SectionMetricConstraints@geode@@QEBANXZ
?set_gradation@SectionMetricConstraints@geode@@QEAAXN@Z
?default_metric@SectionMetricConstraints@geode@@QEBANXZ
?set_default_metric@SectionMetricConstraints@geode@@QEAAXN@Z
?export_constraints@SectionMetricConstraints@geode@@QEAAXV?$basic_string_view@DU?$char_traits@D@std@@@std@@@Z
?import_constraints@SectionMetricConstraints@geode@@QEAAXV?$basic_string_view@DU?$char_traits@D@std@@@std@@@Z
??1SectionMetricConstraints@geode@@QEAA@XZ
??0SectionMetricConstraints@geode@@QEAA@AEBVSection@1@@Z
?initialize@SimplexMetricLibrary@geode@@SAXXZ

python312

PyThreadState_DeleteCurrent
PyExc_TypeError
PyThreadState_Clear
PyCapsule_Type
PyDict_Copy
PyObject_Str
PyUnicode_AsUTF8String
PyModule_Type
PyFrame_GetBack
PyFrame_GetCode
PyExc_IndexError
PyExc_ImportError
PyCapsule_SetPointer
_Py_TrueStruct
PyExc_SystemError
PyObject_SetItem
PyException_SetCause
PyInterpreterState_Get
PyDict_DelItemString
PyUnicode_FromString
PyEval_AcquireThread
_PyType_Lookup
PyGILState_GetThisThreadState
PyBuffer_Release
PyObject_Repr
PyByteArray_Type
PyNumber_Float
PyType_Type
PySequence_Tuple
_PyObject_GetDictPtr
PyNumber_Check
PyBytes_Size
PyCapsule_GetName
PyCapsule_New
PyException_SetTraceback
PyThread_tss_get
PyCapsule_SetContext
PyErr_Clear
PyObject_GetAttrString
PyType_Ready
PyModule_Create2
PyList_New
PyUnicode_FromFormat
PyObject_ClearWeakRefs
PyObject_GenericGetDict
PyObject_CallFunctionObjArgs
PyErr_Fetch
PyCapsule_GetPointer
PyTuple_GetItem
_Py_Dealloc
PyExc_OverflowError
PyErr_Restore
PyType_IsSubtype
PyFloat_Type
_Py_FalseStruct
PyThreadState_New
PyDict_Type
PyErr_Format
PyDict_Next
PyExc_ValueError
PyErr_WriteUnraisable
PyErr_SetString
PyByteArray_AsString
PyList_Size
PyFloat_FromDouble
PyDict_Size
PyObject_GenericSetDict
PyGILState_Ensure
PyDict_New
PyTuple_New
_Py_NotImplementedStruct
_Py_NoneStruct
PyBytes_AsStringAndSize
PyProperty_Type
PyObject_HasAttrString
PyGILState_Release
PyObject_CallObject
PyThread_tss_set
PyCMethod_New
PyTuple_SetItem
PyMem_Free
PyObject_IsInstance
PyInstanceMethod_New
PyException_SetContext
PyTuple_Size
PyList_GetItem
PyFloat_AsDouble
PyFrame_GetLineNumber
PyCapsule_GetContext
Py_GetVersion
PyDict_GetItemWithError
PyExc_MemoryError
PyInstanceMethod_Type
PyObject_GC_UnTrack
PyObject_SetAttrString
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyErr_Occurred
PyErr_NormalizeException
PyBytes_AsString
PyObject_Malloc
PyThreadState_Get
PyWeakref_NewRef
PyCFunction_Type
PyObject_SetAttr
PyExc_BufferError
PyMem_Calloc
PyBaseObject_Type
PyInterpreterState_GetDict
PyUnicode_AsEncodedString
PyThread_tss_create
PyByteArray_Size

msvcp140

?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCompare@@YA_NPEBX0@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
__std_type_info_destroy_list
__RTtypeid
strchr
__std_terminate
_CxxThrowException
__std_type_info_hash
_purecall
__std_type_info_compare
__std_exception_copy
__std_exception_destroy
__RTCastToVoid
__C_specific_handler
memset
__std_type_info_name
__RTDynamicCast
memchr
memcmp
memcpy
memmove

api-ms-win-crt-heap-l1-1-0

_aligned_free
malloc
_callnewh
free
_aligned_malloc

api-ms-win-crt-string-l1-1-0

_strdup
strcmp
strncmp

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn

kernel32

ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

PyInit_geode_simplex_py_metric

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b9a88f08301954e85ddfc0f5b6cf575

Headers

DLL Characteristics

File Characteristics

Imports

geode-simplex_metric

python312

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 224B

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 224B