96c1f1b47cd9329b5607e05bdb043f88b02932a5689b7970907ec32443d7d126

Sharing

Copy URL Twitter E-mail

General

Target

96c1f1b47cd9329b5607e05bdb043f88b02932a5689b7970907ec32443d7d126
Size

81KB
MD5

162b0415f31d2ca068d153c757028530
SHA1

357d8a9ff0b513b609b4f823e4c2b1b7abf5eed7
SHA256

96c1f1b47cd9329b5607e05bdb043f88b02932a5689b7970907ec32443d7d126
SHA512

cbae077efe9d5216a527131d97353e0a7914e0a6be4ef816d3ca7f3a59e9e0443df28169b50520f35e40082462a5d607550f5667151c8980532cdde7dede2148
SSDEEP

1536:ec1TeMXgXhW/huhkz7lRm+MUipO9dU9WSY+A37feaCMJDmYsLIb4PvYqHB/AdGg:t1qMQ8huhkz7lRm+AOPU9WSDADeak7d4

Score

N/A

Malware Config

Signatures

Files

96c1f1b47cd9329b5607e05bdb043f88b02932a5689b7970907ec32443d7d126
.exe windows x86

47ecd96d91d25401c24c35616e826a49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

libassy

?ASSY_comp_name_of_old_comp@@YAPADI@Z

libassybox

?UGTRUSHAPE_load_image@@YAPAUUGTRUSHAPE_vtbl_s@@XZ

libocc

?OCC_load_out_of_date_structure@@YAXII@Z
?OCC_REG_convert_mcs_with_validation@@YAHI_N0PAHPAPAPAD@Z
?OCC_REG_convert_remembered_mcs@@YAHIPAVAutoSet@OM@UGS@@@Z
?OccAskMatingConditionsExist@@YA_NI_N@Z

libpart

?PART_ask_release_number@@YAHI@Z
?PART_cleanup@@YAXI@Z
?PART_set_refile_cleanup_options@@YAXPAI@Z
?PART_ask_occ_part_of_part@@YAII@Z
?PART_refacet_jt_bodies_in_part@@YAXI_N@Z
?PART__set_refile_mode@@YAX_N@Z
?PART_partClassId@UGS@@3HA
?BASE_part_save_as@@YAXIPBDPAH1_N1@Z
?PART_ask_filename_of_part@@YAPADI@Z
?PART_set_modified@@YAXI@Z
?PART_anonymize_history@@YAXI@Z

libpartdisp

?pat010@@YAHXZ

libpartmodl

?bui_Export_UserFeature_uf@@YAXP6AXXZ@Z
?UDF_save_part@@YAXPAPADPAH@Z
?set_udf_status@@YAXPAH@Z

libsyss

?TEXT_cs_set_korean_conversion@@YAXP6AXP6APAEPAD@Z@Z@Z
?CFI_get_file_type@@YAHPBDPAH@Z
?OM_set_korean_conversion_fn@@YAXP6APAEPAD@Z@Z
?IsSet@EnvironmentVariable@System@UGS@@QBE_NXZ
?SM_alloc@@YAPAXI@Z
??1EnvironmentVariable@System@UGS@@QAE@XZ
?Convert@Severe@Error@UGS@@QAEABVException@23@ABVexception@std@@@Z
?MACH_set_program_name@@YAXPBD@Z
?ERROR_ask_system_log@@YAPADXZ
?CFI_is_part_file_type_for_open@@YA_NPBD@Z
?SM_string_copy@@YAPADPBD@Z
?UG_ask_current_part_revision@@YAHXZ
?MACH__checking_level@@3HA
?OM_check_tag_class@@YAIPBDHIH@Z
?nat110@@YAPADPBD@Z
?OM_create_auto_set@@YAPAVAutoSet@OM@UGS@@PAX@Z
?OM_sizeof_auto_set@@YAHPAVAutoSet@OM@UGS@@@Z
?OM_delete_object@@YAXPAX@Z
?OM_check_world@@YAXXZ
?OM_verify_world@@YAXXZ
??0EnvironmentVariable@System@UGS@@QAE@PBD@Z
?ERROR_lprintf@@YAHPBDZZ
??8UGS@@YA_NABVUString@0@0@Z
??0UString@UGS@@QAE@XZ
??1UString@UGS@@QAE@XZ
?free@CppMemory@Memory@UGS@@SAXPAX@Z
?allocate@CppMemory@Memory@UGS@@SAPAXI@Z
?SM_free@@YAXPAX@Z
?SM_string_copy_persistent@@YAPADPBD@Z
?ENV_ask_version@@YAXPAUENV_version_s@@@Z
?ERROR_filter_exception@@YAHHPAU_EXCEPTION_POINTERS@@@Z
??1FileManager@CFI@System@UGS@@QAE@XZ
??0Severe@Error@UGS@@QAE@XZ
?CFI_ask_file_protection@@YAHPBDHPAH@Z
?GetOwnerName@FileManager@CFI@System@UGS@@QBEHPAVUString@4@@Z
??0FileManager@CFI@System@UGS@@QAE@PBD@Z
?CFI_ask_file_dates@@YAHPBDHQAH@Z
?CFI_modify_file_protection@@YAHPBDHHH@Z
?SetOwnerName@FileManager@CFI@System@UGS@@QBEHABVUString@4@@Z
?CFI_set_file_dates@@YAHPBDHQAH@Z
?ERROR_decode@@YAPADH@Z
?askCode@Exception@Error@UGS@@QBEHXZ
??1Severe@Error@UGS@@UAE@XZ
?fm1500@@YAXPBUFSPEC@@PBHPAH@Z
?SM_sprintf@@YAPADPBDZZ
?SM_string_ncopy@@YAPADPBDH@Z
?STR_snprintf@@YAHPADIPBDZZ

libufun

UF_MISC_set_program_name
UF_initialize
uc4565
uc4508
uc4518
uc4601
uc4549
UF_terminate
uc4573
uc4564
uc4603
uc4577
uc4576
uc4514
uc4561
uc4540
uc4504
UF_ASSEM_ask_assem_options
UF_ASSEM_set_assem_options
UF_PART_open
UF_PART_ask_num_parts
UF_PART_ask_nth_part
UF_PART_ask_compression_flags
UF_PART_set_compression_flags
UF_ASSEM_find_immed_old_comps
UF_ASSEM_upgrade_to_instances
UF_free
UF_DRAW_ask_drawings
UF_OBJ_ask_name
UF_DRAW_is_object_out_of_date
UF_DRAW_refile_drawings
uc4524
UF_PART_save
UF_PART_save_work_only
UF_PART_close_all
uc4623
uc4509
uc4600
uc4575
uc4563
UF_get_fail_message
uc4548
uc4567

msvcr90

__CxxFrameHandler3
_crt_debugger_hook
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??3@YAXPAX@Z
?terminate@@YAXXZ
_except_handler3
memset
strncpy
__RTDynamicCast
printf
strstr

kernel32

Sleep
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange

Exports

Exports

?NXSigningResource@@YAXXZ

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47ecd96d91d25401c24c35616e826a49

Headers

DLL Characteristics

File Characteristics

Imports

libassy

libassybox

libocc

libpart

libpartdisp

libpartmodl

libsyss

libufun

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 39KB - Virtual size: 38KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 39KB - Virtual size: 38KB