af144fd4352fe41827fc1d7b60d20225b14a17249ebd44e67e5386d765f7e461

Sharing

Copy URL Twitter E-mail

General

Target

af144fd4352fe41827fc1d7b60d20225b14a17249ebd44e67e5386d765f7e461
Size

101KB
MD5

14b5f001f722483a27b828c803d62900
SHA1

9e092dcc9393051f619af9b3cd92cdc70d62bd6d
SHA256

af144fd4352fe41827fc1d7b60d20225b14a17249ebd44e67e5386d765f7e461
SHA512

003e0eb3f8dc03a58295951c9e89410ed2c4f0f604e1328a7251a51bcc254381f5549ba4d0cd8e544bf6dca51a7871d6748998b638131f85e743b1a0d3a72e83
SSDEEP

3072:ztBYulGAJOyYa8W/7VCApdIxCkLUGoxX+f9GVNDM:BBYrUOy1kAYSGop+1QNA

Score

N/A

Malware Config

Signatures

Files

af144fd4352fe41827fc1d7b60d20225b14a17249ebd44e67e5386d765f7e461
.exe windows x86

18408334ab015eaa8019283caf6e3585

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

libassy

?ASSY_set_use_current_cset@@YAX_N@Z
?ASSY_ask_use_current_cset@@YA_NXZ
?ASSY_set_component_load_option@@YAXH@Z

libassybox

?CLEAR_find_dataset@@YAHIPADPAI@Z
?ZONE_delete_zone@@YAXI@Z
?CLEAR_do_batch_clr_anl@@YAHIHHI@Z
?FLTR_evaluate@@YAHIIPAI@Z
?FLTR_create@@YAHIABVUString@UGS@@0PAI@Z
?ZONE_create_box_zone@@YAIIPBDQAN11@Z
?CLEAR_ask_max_clearance_zone@@YAXIPAN@Z
?CLEAR_print_all_interferences@@YAHI@Z
?CLEAR_print_summary@@YAHI@Z
?CLEAR_do_clearance_analysis@@YAHIPAVOM_tag_map@UGS@@PA_N@Z
?CLEAR_terminate@@YAXXZ
?CLEAR_initialize@@YAXXZ
?FLTR_delete@@YAHI@Z
?CLEAR_ask_next_dataset@@YAIII@Z
?CLEAR_create_dataset@@YAHIPADPAI@Z
?CLEAR_ask_dataset_name@@YAXIPADPAH@Z
?CLEAR_ask_batch_options@@YAHIPAD0PA_N@Z
?CLEAR_set_batch_options@@YAHIPAD0_N@Z
?CLEAR_set_printf_cb@@YAXP6AXPAXPBDPAD@Z0@Z
?CLEAR_ask_preferences@@YAHIPAH0@Z
?CLEAR_set_preferences@@YAHIHH@Z
?CLEAR_ask_save_interf_options@@YAHIPA_NPAH1111@Z
?CLEAR_set_save_interf_options@@YAHI_NHHHHH@Z
?CLEAR_set_assy_zones@@YAHI_NPAH@Z
?CLEAR_ask_assy_zones@@YAHIPA_NPAH@Z

libocc

?OCC_ask_root_of_occ_part@@YAII@Z
?CSET_delete_component_set@@YAXI@Z
?CSET_not_in_set@@YAXIIPAI@Z
?CSET_establish_all_comps_set@@YAII@Z
?OCC_apply_to_part_occ_tree@@YAXIP6A_NIPAX@Z0W4OCC_traversal_type_t@@@Z

libpart

?PART_partClassId@UGS@@3HA
?PART_name_for_display@@YAPADW4PART_name_display_e@@PBD@Z
?ES_ask_entity_subtype@@YAHI@Z
?ES_cycle_entities_by_type@@YAXIHPAI@Z
?CONTEXT_ask_work_part@@YAIXZ
?PART_ask_occ_part_of_part@@YAII@Z
?PART_load_cset@@YA_NIPAUUF_PART_load_status_s@@PAUPROGRESS_step_s@@@Z
?PART_unload_cset@@YAXIW4PART_delete_mode_e@@@Z
?PART_ask_ps_scale_factors@@YAXIPAN0@Z

libpartutils

?BBOX_has_box@@YA_NI@Z
?BBOX_ask_corners@@YA_NIQAUVector3@Math@UGS@@@Z

libsyss

?STR_compare_i@@YAHPBD0@Z
?OM_check_tag_class@@YAIPBDHIH@Z
?MACH__checking_level@@3HA
?STR_snprintf@@YAHPADIPBDZZ
?nat110@@YAPADPBD@Z
??4UString@UGS@@QAEAAV01@ABV01@@Z
??BUStringFormatter@UGS@@QBE?AVUString@1@XZ
??RUStringFormatter@UGS@@QAEAAV01@PBD@Z
?format@UString@UGS@@SA?AVUStringFormatter@2@PBD@Z
?SM_alloc@@YAPAXI@Z
??0UString@UGS@@QAE@XZ
?MAIL_send_mail@@YAXPBD0@Z
?ARG_init_module@@YAXHPAPAD@Z
?ERROR_lprintf@@YAHPBDZZ
??0?$basic_string@DU?$char_traits@D@std@@V?$SMAlloc@D@Memory@UGS@@@std@@QAE@PBD@Z
??1UStringFormatter@UGS@@QAE@XZ
??0UString@UGS@@QAE@PBD@Z
??0Severe@Error@UGS@@QAE@XZ
?Convert@Severe@Error@UGS@@QAEABVException@23@ABVexception@std@@@Z
?reThrow@Exception@Error@UGS@@QBEXXZ
??1Severe@Error@UGS@@UAE@XZ
?ERROR_note@@YAXPBDH0ZZ
?ARG_get_switch@@YAPBDPBDHPAH@Z
?ERROR_decode@@YAPADH@Z
?ARG_get_count@@YAHXZ
?ARG_get_argument@@YAPBDH@Z
?SM_free@@YAXPAX@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$SMAlloc@D@Memory@UGS@@@std@@QAE@XZ
??1UString@UGS@@QAE@XZ

libjam

?JAM_check_availability@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$SMAlloc@D@Memory@UGS@@@std@@@Z

libufun

UF_MISC_set_program_name
UF_initialize
UF_UGMGR_terminate
UF_terminate
UF_UGMGR_initialize
UF_UGMGR_set_file_export_status
UF_UGMGR_convert_name_from_cli
UF_PART_save
UF_PART_open
UF_get_fail_message
UF_free
UF_free_string_array

msvcr90

__iob_func
vfprintf
fopen
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??3@YAXPAX@Z
__RTDynamicCast
__CxxFrameHandler3
atoi
strtok
exit
fprintf

kernel32

Sleep
InterlockedCompareExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedExchange

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

18408334ab015eaa8019283caf6e3585

Headers

DLL Characteristics

File Characteristics

Imports

libassy

libassybox

libocc

libpart

libpartutils

libsyss

libjam

libufun

msvcr90

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 78KB - Virtual size: 80KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 78KB - Virtual size: 80KB