SIM Ver 2[.]1[.]0_BMS_LAST_TEST[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

SIM Ver 2.1.0_BMS_LAST_TEST.zip
Size

175.8MB
MD5

e22cb1e736941ce72b265d0b405f7eea
SHA1

e8ed3e7fea0365bd05a93a57a2954f31b64cc473
SHA256

775e1297d7abf73894ef8d0733e5388f6c849ff96852dac42bfb20081c3aa75b
SHA512

3b16b0cab8d1853fec67db194f4a25d045e5b4b10ce96ac50abe270349920a64646078574d735651059c4eef6bb5ae3e65999b0248063f899763ec4cc6fd118b
SSDEEP

3145728:zpPsKJvFbl/nFtPi1A0gTJsw6heO1e0QikYSBJ9rfr506bBfwlGKLG:zpPsKBFbl/FtPi20gT+BheOgbYKnD504

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack002/SIM_Installer.exe
unpack001/SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/ControlzEx.dll
unpack001/SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/DBSchemaManager.exe
unpack001/SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/MahApps.Metro.dll
unpack001/SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/Npgsql.dll
unpack001/SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/log4net.dll
unpack001/SIM Ver 2.1.0_BMS_LAST_TEST/4 SIM For copy and paste/SIM.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack002/SIM_Installer.exe	nsis_installer_1
static1/unpack002/SIM_Installer.exe	nsis_installer_2

Files

SIM Ver 2.1.0_BMS_LAST_TEST.zip
.zip
SIM Ver 2.1.0_BMS_LAST_TEST/1.SIM Ver 2.1.0_BMS_Cambodia_TEST_20210312/SIM_Installer.zip
.zip
SIM_Installer.exe
.exe windows x86

3abe302b6d9a1256e6a915429af4ffd2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
GetTickCount
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GetWindowsDirectoryA
SetCurrentDirectoryA
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
CreateThread
GlobalLock
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/doc/DBSchemaManager_v1.0.0_UserGuide_20201014.pdf
.pdf
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/ControlzEx.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/DBSchemaManager.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/DBSchemaManager.exe.config
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/MahApps.Metro.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/Microsoft.Xaml.Behaviors.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-05-2019 21:37

Not After

02-05-2020 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:e7:96:d1:fb:ca:44:0c:b7:9c:80:2c:b0:93:6f:c4:a3:ff:fb:8e:93:b1:09:b2:2a:71:d9:6c:3d:7f:3b:6f
Signer

Actual PE Digest

31:e7:96:d1:fb:ca:44:0c:b7:9c:80:2c:b0:93:6f:c4:a3:ff:fb:8e:93:b1:09:b2:2a:71:d9:6c:3d:7f:3b:6f

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

26-04-2023 11:43
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/Newtonsoft.Json.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27-04-2018 12:41

Not After

27-04-2028 12:41

Subject

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

Issuer

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Not Before

25-10-2018 00:00

Not After

29-10-2021 12:00

Subject

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-10-2019 00:00

Not After

17-10-2030 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:10:56:8e:61:ed:4a:db:b2:78:fe:51:cd:63:62:ed:e4:18:e6:f9:b5:44:af:42:d1:80:41:52:2d:66:12:81
Signer

Actual PE Digest

8c:10:56:8e:61:ed:4a:db:b2:78:fe:51:cd:63:62:ed:e4:18:e6:f9:b5:44:af:42:d1:80:41:52:2d:66:12:81

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

09-11-2019 00:56
Valid: true

Chain 1

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 673KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/Npgsql.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/OriginalSchema.sql
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/[0] Standard File/standard_20210311.JSON
SIM Ver 2.1.0_BMS_LAST_TEST/3.SIM DBSchema_20210312/SIM DBSchema_20210312/exe/log4net.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/4 SIM For copy and paste/SIM.exe
.exe windows x86

88f49faab418b05f2b3ff592f45d029b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opencv_world430

?updateContinuityFlag@Mat@cv@@QAEXXZ
?flip@cv@@YAXABV_InputArray@1@ABV_OutputArray@1@H@Z
?resize@cv@@YAXABV_InputArray@1@ABV_OutputArray@1@V?$Size_@H@1@NNH@Z
?imwrite@cv@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV_InputArray@1@ABV?$vector@HV?$allocator@H@std@@@3@@Z
?deallocate@Mat@cv@@QAEXXZ
?fastFree@cv@@YAXPAX@Z
?error@cv@@YAXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD1H@Z

libpq

ord33
ord101
ord34
ord35
ord21
ord14
ord1
ord65
ord48
ord4
ord45

ws2_32

setsockopt
WSAEnumNetworkEvents
WSACreateEvent
WSAEventSelect
WSACloseEvent
WSAStartup
WSACleanup
htons
inet_ntop
ntohs
InetPtonW
WSASocketW
WSAWaitForMultipleEvents
htonl
send
closesocket
shutdown
bind
WSARecv
WSAGetLastError
accept
WSASend
listen

kernel32

lstrcpyW
VerifyVersionInfoW
GetCurrentThread
lstrcmpA
GetFileAttributesExW
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GlobalGetAtomNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
SetErrorMode
GetTempPathW
FindResourceExW
GetWindowsDirectoryW
InitializeCriticalSectionAndSpinCount
lstrcmpiW
GetTempFileNameW
GetUserDefaultLCID
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleExW
SetCurrentDirectoryW
SetEnvironmentVariableW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
GetCPInfo
TryEnterCriticalSection
GetExitCodeThread
SwitchToThread
OutputDebugStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
VerSetConditionMask
SearchPathW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
ResumeThread
SuspendThread
SetThreadPriority
GetVersionExW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
MoveFileW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
lstrlenA
ExitProcess
GlobalSize
GetDiskFreeSpaceW
SetVolumeLabelW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetFilePointer
GetTickCount
SetFileAttributesW
lstrcatW
FormatMessageW
LocalAlloc
LocalFree
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
GetFileAttributesA
GetCurrentDirectoryW
GetDriveTypeW
GetLogicalDrives
CopyFileW
FindClose
FindNextFileW
FindFirstFileW
MulDiv
RemoveDirectoryW
DeleteFileW
WritePrivateProfileStringW
GetPrivateProfileIntW
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForMultipleObjects
PostQueuedCompletionStatus
CreateIoCompletionPort
GetSystemInfo
CreateThread
GetQueuedCompletionStatus
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTextAttribute
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetFileAttributesW
GetPrivateProfileStringW
GetLocalTime
CreateTimerQueueTimer
DeleteCriticalSection
InitializeCriticalSection
CancelIo
CreateEventW
DeleteTimerQueueTimer
LeaveCriticalSection
EnterCriticalSection
SetEvent
ResetEvent
GetCurrentProcessId
GetCurrentThreadId
GetDynamicTimeZoneInformation
Sleep
TerminateThread
WaitForSingleObject
GlobalReAlloc
GlobalAlloc
CloseHandle
GlobalFree
GlobalUnlock
WriteFile
CreateFileW
GlobalLock
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
CreateTimerQueue
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
ChangeTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
GetProfileIntW

user32

SendDlgItemMessageA
DrawStateW
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IntersectRect
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
IsWindowEnabled
ClientToScreen
GetWindowDC
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetParent
GetClassLongW
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetRectEmpty
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
DestroyIcon
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
ReleaseCapture
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
RegisterWindowMessageW
GetIconInfo
OemToCharBuffA
CharToOemBuffA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterClassW
GetMonitorInfoW
MonitorFromWindow
MessageBoxW
LockWindowUpdate
DrawIcon
IsIconic
LoadIconW
GrayStringW
DrawTextExW
DrawTextW
GetSystemMenu
LoadImageW
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
TabbedTextOutW
ShowScrollBar
EqualRect
GetScrollPos
wsprintfW
SetScrollPos
RemoveMenu
GetSubMenu
LoadMenuW
FillRect
FindWindowExW
DispatchMessageW
TranslateMessage
InflateRect
SetLayeredWindowAttributes
DrawFocusRect
NotifyWinEvent
GetSysColorBrush
LoadCursorW
SystemParametersInfoW
EnumDisplayMonitors
DestroyMenu
GetMenuItemInfoW
PostQuitMessage
DrawFrameControl
IsRectEmpty
DrawIconEx
ShowOwnedPopups
SetCursor
GetWindowLongW
SetWindowLongW
DrawEdge
CopyRect
CopyImage
RealChildWindowFromPoint
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
IsZoomed
SetMenu
GetMenuDefaultItem
CreatePopupMenu
SetRect
GetClientRect
InvalidateRect
FrameRect
GetDC
ReleaseDC
DeleteMenu
EnableWindow
KillTimer
IsWindowVisible
SetWindowRgn
GetCursorPos
GetSystemMetrics
OffsetRect
UpdateWindow
SetTimer
PtInRect
IsWindow
GetWindowRgn
DestroyCursor
GetComboBoxInfo
SendMessageW
GetWindowRect
GetSysColor
WindowFromPoint
MessageBeep
SetCapture
CreateMenu
SubtractRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
InvertRect
HideCaret
GetNextDlgGroupItem
PostThreadMessageW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
GetUpdateRect
ModifyMenuW
CopyIcon
GetDoubleClickTime
WaitMessage
SetClassLongW
BringWindowToTop
SetParent
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
SetWindowPlacement
ToUnicodeEx
GetDlgCtrlID

gdi32

CreateRoundRectRgn
FillRgn
FrameRgn
Rectangle
SelectObject
CreateFontW
SetMapMode
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
PatBlt
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
RemoveFontResourceExW
GetTextExtentPoint32W
AddFontResourceExW
DeleteDC
ExtSelectClipRgn
CreateBitmap
DeleteObject
RestoreDC
SetStretchBltMode
SetBkColor
SetDIBitsToDevice
SetBkMode
SetTextColor
CreateRectRgnIndirect
GetClipBox
CreateDIBSection
SaveDC
CombineRgn
CreateRectRgn
CreateHatchBrush
CreatePatternBrush
ExcludeClipRect
GetObjectType
GetPixel
IntersectClipRect
LineTo
SelectClipRgn
SetLayout
GetLayout
SetPolyFillMode
EndDoc
SetTextAlign
MoveToEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
SetRectRgn
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
SetDIBColorTable
GetRgnBox
OffsetRgn
RoundRect
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
ExtFloodFill
SetPaletteEntries
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
EndPage
StartPage
GetDeviceCaps
StartDocW
RealizePalette
SelectPalette
GetObjectW
GetStockObject
SetPixel
CreatePen
CreatePalette
GetSystemPaletteEntries
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SetROP2
CreateFontIndirectW
StretchBlt

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW

comctl32

ImageList_Remove
ImageList_AddMasked
ImageList_GetImageCount

shlwapi

PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW

uxtheme

GetThemeSysColor
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeText
GetCurrentThemeName
IsAppThemed
OpenThemeData
GetThemeColor
DrawThemeParentBackground
GetThemePartSize
CloseThemeData

ole32

CoUninitialize
CoInitializeEx
CoCreateGuid
CoInitialize
CoDisconnectObject
CreateStreamOnHGlobal
DoDragDrop
OleLockRunning
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleInitialize
CoBuildVersion
OleUninitialize
CLSIDFromProgID
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop

oleaut32

VariantInit
VariantClear
VariantChangeType
SysStringLen
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantCopy
VarBstrFromDate
SysAllocString
SafeArrayDestroy
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayUnaccessData
SysFreeString
SafeArrayGetLBound

gdiplus

GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawPath
GdipIsVisiblePathPoint
GdipSaveImageToFile
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneBrush
GdipSetSolidFillColor
GdipFillEllipseI
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipDrawString
GdipCreatePen1
GdipDeletePen
GdipDrawLineI
GdipSetPenDashStyle
GdipDrawLine
GdipFillRectangleI
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipCreateLineBrush
GdipSetPenBrushFill
GdipCreateLineBrushI
GdipSetPenColor
GdipFillPie
GdipSetLineColors
GdipDrawPie
GdipCreateCachedBitmap
GdipDrawCachedBitmap
GdipDeleteCachedBitmap
GdipSetStringFormatFlags
GdipMeasureString
GdipFillRectangle
GdipDrawRectangle
GdipCreatePath
GdipDeletePath
GdipAddPathPie
GdipGetPathLastPoint
GdipResetPath
GdipAddPathLine
GdipAddPathArc
GdipFillPath
GdipGetImageEncodersSize
GdipGetImageEncoders

iphlpapi

IcmpSendEcho2
IcmpCreateFile

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 657KB - Virtual size: 657KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIM Ver 2.1.0_BMS_LAST_TEST/license_IV762JS001_10_Basic.key

Sharing

General

Malware Config

Signatures

Files

3abe302b6d9a1256e6a915429af4ffd2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 149KB

.ndata Size: - Virtual size: 104KB

.rsrc Size: 30KB - Virtual size: 30KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 232KB - Virtual size: 231KB

.rsrc Size: 1024B - Virtual size: 868B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 67KB - Virtual size: 66KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

31:e7:96:d1:fb:ca:44:0c:b7:9c:80:2c:b0:93:6f:c4:a3:ff:fb:8e:93:b1:09:b2:2a:71:d9:6c:3d:7f:3b:6fSigner

Signature Validations

Verification

26-04-2023 11:43 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 130KB - Virtual size: 129KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23Certificate

Extended Key Usages

Key Usages

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7eCertificate

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 149KB

.ndata
Size: - Virtual size: 104KB

.rsrc
Size: 30KB - Virtual size: 30KB

.text
Size: 232KB - Virtual size: 231KB

.rsrc
Size: 1024B - Virtual size: 868B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

31:e7:96:d1:fb:ca:44:0c:b7:9c:80:2c:b0:93:6f:c4:a3:ff:fb:8e:93:b1:09:b2:2a:71:d9:6c:3d:7f:3b:6f
Signer

26-04-2023 11:43
Valid: false

.text
Size: 130KB - Virtual size: 129KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

8c:10:56:8e:61:ed:4a:db:b2:78:fe:51:cd:63:62:ed:e4:18:e6:f9:b5:44:af:42:d1:80:41:52:2d:66:12:81
Signer

09-11-2019 00:56
Valid: true

.text
Size: 673KB - Virtual size: 673KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 552KB - Virtual size: 552KB

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 267KB - Virtual size: 267KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 657KB - Virtual size: 657KB