8f0cd13b1cd4aca2d78bffa0510708c11c2b1be59515d8d589b31758a986388a

Sharing

Copy URL

Twitter E-mail

General

Target

8f0cd13b1cd4aca2d78bffa0510708c11c2b1be59515d8d589b31758a986388a
Size

6.9MB
MD5

ca9c8b1f8108d1677003e2c4a3b4cf3b
SHA1

b27d797cd7668a5cdc1ad1ca8efdd75cddc333bd
SHA256

8f0cd13b1cd4aca2d78bffa0510708c11c2b1be59515d8d589b31758a986388a
SHA512

c865c0a810b3b858d64043338fbea909bcb58956540b0d105df23421a4304589e0fd277dfd4a13f02a9a4a7974ee6fe871665b89cdfc704b9cb47e0b3c38280d
SSDEEP

196608:DpR27/pPJ2t0YBuhsuuqNCReXdlmDFLLFWGrUwaakt:Di7/pGuhsNqNG4mD754w7kt

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f0cd13b1cd4aca2d78bffa0510708c11c2b1be59515d8d589b31758a986388a

Files

8f0cd13b1cd4aca2d78bffa0510708c11c2b1be59515d8d589b31758a986388a
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0?$TGroup@U_Calibration@@@@QAE@ABV0@@Z
??0?$TGroup@U_Calibration@@@@QAE@XZ
??0?$TGroup@U_MultiSelect@@@@QAE@XZ
??0?$TGroup@UtagACT@@@@QAE@ABV0@@Z
??0?$TGroup@UtagACT@@@@QAE@XZ
??0?$TGroup@UtagButton@@@@QAE@XZ
??0?$TGroup@UtagColumnAttribute@@@@QAE@XZ
??0?$TGroup@UtagMenuBlock@@@@QAE@XZ
??0?$TGroup@UtagMultiInput@@@@QAE@XZ
??0?$TGroup@VTCString@@@@QAE@ABV0@@Z
??0?$TGroup@VTCString@@@@QAE@XZ
??0?$TGroup@VTHexArray@@@@QAE@ABV0@@Z
??0?$TGroup@VTHexArray@@@@QAE@XZ
??0TA2lFunctionParse@@QAE@ABV0@@Z
??0TA2lFunctionParse@@QAE@XZ
??0TActiveTest@@QAE@ABV0@@Z
??0TActiveTest@@QAE@XZ
??0TAxisDescrParser@@QAE@ABV0@@Z
??0TAxisDescrParser@@QAE@XZ
??0TAxisPtsParser@@QAE@ABV0@@Z
??0TAxisPtsParser@@QAE@XZ
??0TBatchBuffer@@QAE@ABV0@@Z
??0TBatchBuffer@@QAE@XZ
??0TCString@@QAE@ABV0@@Z
??0TCString@@QAE@H@Z
??0TCString@@QAE@PBD@Z
??0TCString@@QAE@XZ
??0TCanProtocol@@QAE@ABV0@@Z
??0TCanProtocol@@QAE@XZ
??0TCanSystemTemplate@@QAE@ABV0@@Z
??0TCanSystemTemplate@@QAE@XZ
??0TCharacteristicEidt@@QAE@ABV0@@Z
??0TCharacteristicEidt@@QAE@XZ
??0TCharacteristicParser@@QAE@ABV0@@Z
??0TCharacteristicParser@@QAE@XZ
??0TCompuMethod@@QAE@XZ
??0TCompuTabParser@@QAE@ABV0@@Z
??0TCompuTabParser@@QAE@XZ
??0TCompu_MethodParser@@QAE@ABV0@@Z
??0TCompu_MethodParser@@QAE@XZ
??0TConfig@@QAE@ABV0@@Z
??0TConfig@@QAE@XZ
??0TCrcCheck@@QAE@ABV0@@Z
??0TCrcCheck@@QAE@XZ
??0TDataFile@@QAE@ABV0@@Z
??0TDataFile@@QAE@XZ
??0TDataStream@@QAE@ABV0@@Z
??0TDataStream@@QAE@XZ
??0TDatastreamClassify@@QAE@ABV0@@Z
??0TDatastreamClassify@@QAE@XZ
??0TDiagApp@@QAE@ABV0@@Z
??0TDiagApp@@QAE@XZ
??0TDiagnoseUnit@@QAE@ABV0@@Z
??0TDiagnoseUnit@@QAE@XZ
??0TDownloadData@@QAE@ABV0@@Z
??0TDownloadData@@QAE@XZ
??0TExperientEidt@@QAE@ABV0@@Z
??0TExperientEidt@@QAE@XZ
??0TFEolFile@@QAE@ABV0@@Z
??0TFEolFile@@QAE@XZ
??0TFileFind@@QAE@ABV0@@Z
??0TFileFind@@QAE@XZ
??0TFreezeFrame@@QAE@ABV0@@Z
??0TFreezeFrame@@QAE@XZ
??0TFuncTest@@QAE@ABV0@@Z
??0TFuncTest@@QAE@XZ
??0THexArray@@QAE@ABV0@@Z
??0THexArray@@QAE@PAEK@Z
??0THexArray@@QAE@PBDK@Z
??0THexArray@@QAE@XZ
??0THexFile@@QAE@ABV0@@Z
??0THexFile@@QAE@XZ
??0TInputValue@@QAE@ABV0@@Z
??0TInputValue@@QAE@XZ
??0TKwpProtocol@@QAE@ABV0@@Z
??0TKwpProtocol@@QAE@XZ
??0TKwpSystemTemplate@@QAE@ABV0@@Z
??0TKwpSystemTemplate@@QAE@XZ
??0TMeasurementParser@@QAE@ABV0@@Z
??0TMeasurementParser@@QAE@XZ
??0TMenuShow@@QAE@ABV0@@Z
??0TMenuShow@@QAE@XZ
??0TMultiInput@@QAE@ABV0@@Z
??0TMultiInput@@QAE@XZ
??0TMultiSelect@@QAE@ABV0@@Z
??0TMultiSelect@@QAE@XZ
??0TPublicPanel@@QAE@ABV0@@Z
??0TPublicPanel@@QAE@XZ
??0TPumpTest@@QAE@ABV0@@Z
??0TPumpTest@@QAE@XZ
??0TReceiveFrame@@QAE@ABV0@@Z
??0TReceiveFrame@@QAE@XZ
??0TRecordLayout@@QAE@XZ
??0TS19File@@QAE@ABV0@@Z
??0TS19File@@QAE@XZ
??0TSQLite3@@QAE@ABV0@@Z
??0TSQLite3@@QAE@PBD0@Z
??0TSQLite3@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??0TSQLite3@@QAE@XZ
??0TSelectMenu@@QAE@ABV0@@Z
??0TSelectMenu@@QAE@XZ
??0TSemaphore@@QAE@H@Z
??0TSendFrame@@QAE@ABV0@@Z
??0TSendFrame@@QAE@XZ
??0TTroubleCode@@QAE@ABV0@@Z
??0TTroubleCode@@QAE@XZ
??0TUploadData@@QAE@ABV0@@Z
??0TUploadData@@QAE@XZ
??0TVehicleCalibration@@QAE@ABV0@@Z
??0TVehicleCalibration@@QAE@XZ
??0TVehicleInfo@@QAE@ABV0@@Z
??0TVehicleInfo@@QAE@XZ
??0TWriteData@@QAE@ABV0@@Z
??0TWriteData@@QAE@XZ
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@PBD@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??1?$TGroup@U_Calibration@@@@UAE@XZ
??1?$TGroup@U_MultiSelect@@@@UAE@XZ
??1?$TGroup@UtagACT@@@@UAE@XZ
??1?$TGroup@UtagButton@@@@UAE@XZ
??1?$TGroup@UtagColumnAttribute@@@@UAE@XZ
??1?$TGroup@UtagMenuBlock@@@@UAE@XZ
??1?$TGroup@UtagMultiInput@@@@UAE@XZ
??1?$TGroup@VTCString@@@@UAE@XZ
??1?$TGroup@VTHexArray@@@@UAE@XZ
??1TA2lFunctionParse@@QAE@XZ
??1TActiveTest@@UAE@XZ
??1TAxisDescrParser@@QAE@XZ
??1TAxisPtsParser@@QAE@XZ
??1TBatchBuffer@@UAE@XZ
??1TCString@@UAE@XZ
??1TCanProtocol@@UAE@XZ
??1TCanSystemTemplate@@UAE@XZ
??1TCharacteristicEidt@@QAE@XZ
??1TCharacteristicParser@@QAE@XZ
??1TCompuMethod@@QAE@XZ
??1TCompuTabParser@@QAE@XZ
??1TCompu_MethodParser@@QAE@XZ
??1TConfig@@UAE@XZ
??1TCrcCheck@@UAE@XZ
??1TDataFile@@UAE@XZ
??1TDataStream@@UAE@XZ
??1TDatastreamClassify@@QAE@XZ
??1TDiagApp@@QAE@XZ
??1TDiagnoseUnit@@UAE@XZ
??1TDownloadData@@UAE@XZ
??1TExperientEidt@@QAE@XZ
??1TFEolFile@@UAE@XZ
??1TFileFind@@UAE@XZ
??1TFreezeFrame@@UAE@XZ
??1TFuncTest@@UAE@XZ
??1THexArray@@UAE@XZ
??1THexFile@@UAE@XZ
??1TInputValue@@UAE@XZ
??1TKwpProtocol@@UAE@XZ
??1TKwpSystemTemplate@@UAE@XZ
??1TMeasurementParser@@QAE@XZ
??1TMenuShow@@UAE@XZ
??1TMultiInput@@UAE@XZ
??1TMultiSelect@@UAE@XZ
??1TPublicPanel@@QAE@XZ
??1TPumpTest@@UAE@XZ
??1TReceiveFrame@@UAE@XZ
??1TRecordLayout@@QAE@XZ
??1TS19File@@UAE@XZ
??1TSQLite3@@UAE@XZ
??1TSelectMenu@@UAE@XZ
??1TSemaphore@@QAE@XZ
??1TSendFrame@@UAE@XZ
??1TTroubleCode@@UAE@XZ
??1TUploadData@@UAE@XZ
??1TVehicleCalibration@@UAE@XZ
??1TVehicleInfo@@UAE@XZ
??1TWriteData@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??4?$TGroup@UtagACT@@@@QAEAAV0@ABV0@@Z
??4?$TGroup@VTCString@@@@QAEAAV0@ABV0@@Z
??4?$TGroup@VTHexArray@@@@QAEAAV0@ABV0@@Z
??4TA2lFunctionParse@@QAEAAV0@ABV0@@Z
??4TActiveTest@@QAEAAV0@ABV0@@Z
??4TAxisDescrParser@@QAEAAV0@ABV0@@Z
??4TAxisPtsParser@@QAEAAV0@ABV0@@Z
??4TBatchBuffer@@QAEAAV0@ABV0@@Z
??4TCString@@QAEAAV0@ABV0@@Z
??4TCString@@QAEABV0@D@Z
??4TCString@@QAEABV0@PBD@Z
??4TCanProtocol@@QAEAAV0@ABV0@@Z
??4TCanSystemTemplate@@QAEAAV0@ABV0@@Z
??4TCharacteristicEidt@@QAEAAV0@ABV0@@Z
??4TCharacteristicParser@@QAEAAV0@ABV0@@Z
??4TCompuMethod@@QAEAAV0@ABV0@@Z
??4TCompuTabParser@@QAEAAV0@ABV0@@Z
??4TCompu_MethodParser@@QAEAAV0@ABV0@@Z
??4TConfig@@QAEAAV0@ABV0@@Z
??4TCrcCheck@@QAEAAV0@ABV0@@Z
??4TDataFile@@QAEAAV0@ABV0@@Z
??4TDataStream@@QAEAAV0@ABV0@@Z
??4TDatastreamClassify@@QAEAAV0@ABV0@@Z
??4TDeviceInfo@@QAEAAV0@ABV0@@Z
??4TDiagApp@@QAEAAV0@ABV0@@Z
??4TDiagnoseUnit@@QAEAAV0@ABV0@@Z
??4TDownloadData@@QAEAAV0@ABV0@@Z
??4TExperientEidt@@QAEAAV0@ABV0@@Z
??4TFEolFile@@QAEAAV0@ABV0@@Z
??4TFileFind@@QAEAAV0@ABV0@@Z
??4TFreezeFrame@@QAEAAV0@ABV0@@Z
??4TFuncTest@@QAEAAV0@ABV0@@Z
??4THexArray@@QAEAAV0@ABV0@@Z
??4THexFile@@QAEAAV0@ABV0@@Z
??4TInputValue@@QAEAAV0@ABV0@@Z
??4TKwpProtocol@@QAEAAV0@ABV0@@Z
??4TKwpSystemTemplate@@QAEAAV0@ABV0@@Z
??4TMeasurementParser@@QAEAAV0@ABV0@@Z
??4TMenuShow@@QAEAAV0@ABV0@@Z
??4TMultiInput@@QAEAAV0@ABV0@@Z
??4TMultiSelect@@QAEAAV0@ABV0@@Z
??4TPublicPanel@@QAEAAV0@ABV0@@Z
??4TPumpTest@@QAEAAV0@ABV0@@Z
??4TReceiveFrame@@QAEXV0@@Z
??4TRecordLayout@@QAEAAV0@ABV0@@Z
??4TS19File@@QAEAAV0@ABV0@@Z
??4TSQLite3@@QAEAAV0@ABV0@@Z
??4TSelectMenu@@QAEAAV0@ABV0@@Z
??4TSendFrame@@QAEXAAV?$vector@VTHexArray@@V?$allocator@VTHexArray@@@std@@@std@@@Z
??4TSendFrame@@QAEXV0@@Z
??4TSendFrame@@QAEXVTHexArray@@@Z
??4TTroubleCode@@QAEAAV0@ABV0@@Z
??4TUploadData@@QAEAAV0@ABV0@@Z
??4TVehicleCalibration@@QAEAAV0@ABV0@@Z
??4TVehicleInfo@@QAEAAV0@ABV0@@Z
??4TWriteData@@QAEAAV0@ABV0@@Z
??4TiXmlDocument@@QAEAAV0@ABV0@@Z
??4TiXmlElement@@QAEAAV0@ABV0@@Z
??8@YAHABVTCString@@0@Z
??8THexArray@@QBEHABV0@@Z
??A?$TGroup@U_Calibration@@@@QBE?AU_Calibration@@G@Z
??A?$TGroup@UtagACT@@@@QBE?AUtagACT@@G@Z
??A?$TGroup@UtagButton@@@@QBE?AUtagButton@@G@Z
??A?$TGroup@VTCString@@@@QBE?AVTCString@@G@Z
??A?$TGroup@VTHexArray@@@@QBE?AVTHexArray@@G@Z
??ATCString@@QAEAADH@Z
??ATCString@@QBEDH@Z
??ATHexArray@@QAEAAEK@Z
??ATHexArray@@QBEEK@Z
??ATReceiveFrame@@QAEAAVTHexArray@@H@Z
??ATSendFrame@@QAE?AVTHexArray@@H@Z
??H@YA?AVTCString@@ABV0@0@Z
??H@YA?AVTCString@@ABV0@D@Z
??H@YA?AVTCString@@ABV0@PBD@Z
??H@YA?AVTCString@@DABV0@@Z
??H@YA?AVTCString@@PBDABV0@@Z
??HTHexArray@@QAE?AV0@ABV0@@Z
??MTHexArray@@QBEHABV0@@Z
??NTHexArray@@QBEHABV0@@Z
??OTHexArray@@QBEHABV0@@Z
??PTHexArray@@QBEHABV0@@Z
??YTCString@@QAEABV0@ABV0@@Z
??YTCString@@QAEABV0@D@Z
??YTCString@@QAEABV0@PBD@Z
??YTHexArray@@QAEAAV0@ABV0@@Z
??YTHexArray@@QAEAAV0@E@Z
??YTReceiveFrame@@QAEXAAV?$TGroup@VTHexArray@@@@@Z
??YTSendFrame@@QAEXAAV0@@Z
??YTSendFrame@@QAEXAAV?$vector@VTHexArray@@V?$allocator@VTHexArray@@@std@@@std@@@Z
??YTSendFrame@@QAEXVTHexArray@@@Z
??_7?$TGroup@U_Calibration@@@@6B@
??_7?$TGroup@U_MultiSelect@@@@6B@
??_7?$TGroup@UtagACT@@@@6B@
??_7?$TGroup@UtagButton@@@@6B@
??_7?$TGroup@UtagColumnAttribute@@@@6B@
??_7?$TGroup@UtagMenuBlock@@@@6B@
??_7?$TGroup@UtagMultiInput@@@@6B@
??_7?$TGroup@VTCString@@@@6B@
??_7?$TGroup@VTHexArray@@@@6B@
??_7TActiveTest@@6B@
??_7TBatchBuffer@@6B@
??_7TCString@@6B@
??_7TCanProtocol@@6B@
??_7TCanSystemTemplate@@6BTCanProtocol@@@
??_7TCanSystemTemplate@@6BTDiagnoseUnit@@@
??_7TCanSystemTemplate@@6BTPublicPanel@@@
??_7TCharacteristicEidt@@6B@
??_7TConfig@@6B@
??_7TCrcCheck@@6B@
??_7TDataFile@@6B@
??_7TDataStream@@6B@
??_7TDiagApp@@6B@
??_7TDiagnoseUnit@@6B@
??_7TDownloadData@@6B@
??_7TExperientEidt@@6B@
??_7TFEolFile@@6B@
??_7TFileFind@@6B@
??_7TFreezeFrame@@6B@
??_7TFuncTest@@6B@
??_7THexArray@@6B@
??_7THexFile@@6B@
??_7TInputValue@@6B@
??_7TKwpProtocol@@6B@
??_7TKwpSystemTemplate@@6BTDiagnoseUnit@@@
??_7TKwpSystemTemplate@@6BTKwpProtocol@@@
??_7TKwpSystemTemplate@@6BTPublicPanel@@@
??_7TMenuShow@@6B@
??_7TMultiInput@@6B@
??_7TMultiSelect@@6B@
??_7TPublicPanel@@6B@
??_7TPumpTest@@6B@
??_7TReceiveFrame@@6B@
??_7TS19File@@6B@
??_7TSQLite3@@6B@
??_7TSelectMenu@@6B@
??_7TSendFrame@@6B@
??_7TTroubleCode@@6B@
??_7TUploadData@@6B@
??_7TVehicleCalibration@@6B@
??_7TVehicleInfo@@6B@
??_7TWriteData@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_FTSemaphore@@QAEXXZ
?ABS_EXHAUST@TPublicPanel@@UAEHG@Z
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z
?AccessTimingParameter@TCanProtocol@@UAEHEK@Z
?AccessTimingParameter@TKwpProtocol@@MAEHEK@Z
?ActTest@TCanSystemTemplate@@UAEHG@Z
?ActTest@TKwpSystemTemplate@@UAEHG@Z
?ActiveTest@@3VTActiveTest@@A
?ActuatorTest@TDiagnoseUnit@@UAEHG@Z
?Add@TBatchBuffer@@QAEXPAXG@Z
?Add@TDataStream@@UAEXVTHexArray@@@Z
?Add@TDatastreamClassify@@QAEXVTCString@@0@Z
?Add@THexArray@@QAEXE@Z
?Add@TMenuShow@@QAEXAAVTCString@@I@Z
?Add@TMenuShow@@QAEXGAAVTCString@@IGG@Z
?Add@TMenuShow@@QAEXGAAVTCString@@IGGG@Z
?Add@TMultiInput@@QAEXVTCString@@0D@Z
?Add@TMultiInput@@QAEXVTCString@@VTHexArray@@D@Z
?Add@TMultiInput@@QAEXVTHexArray@@0D@Z
?Add@TMultiInput@@QAEXVTHexArray@@VTCString@@D@Z
?Add@TMultiSelect@@QAEXAAV?$TGroup@VTHexArray@@@@@Z
?Add@TMultiSelect@@QAEXAAV?$vector@KV?$allocator@K@std@@@std@@@Z
?Add@TMultiSelect@@QAEXVTHexArray@@@Z
?Add@TMultiSelect@@QAEXVTHexArray@@E@Z
?Add@TSelectMenu@@QAEXVTCString@@I@Z
?Add@TTroubleCode@@QAEXVTCString@@00EG@Z
?Add@TTroubleCode@@QAEXVTCString@@0EEG@Z
?Add@TTroubleCode@@QAEXVTHexArray@@EEG@Z
?Add@TTroubleCode@@QAEXVTHexArray@@VTCString@@EG@Z
?Add@TVehicleInfo@@UAEXVTCString@@0@Z
?Add@TVehicleInfo@@UAEXVTHexArray@@0@Z
?Add@TVehicleInfo@@UAEXVTHexArray@@VTCString@@@Z
?Add@TWriteData@@UAEXVTCString@@0@Z
?Add@TWriteData@@UAEXVTHexArray@@0@Z
?Add@TWriteData@@UAEXVTHexArray@@VTCString@@@Z
?AddButton@TActiveTest@@QAEXVTCString@@G@Z
?AddButton@TActiveTest@@QAEXVTHexArray@@G@Z
?AddButton@TDownloadData@@UAEXGVTCString@@HHHHHH@Z
?AddButton@TDownloadData@@UAEXGVTHexArray@@HHHHHH@Z
?AddButton@TFuncTest@@UAEXVTCString@@GHHHHHH@Z
?AddButton@TFuncTest@@UAEXVTHexArray@@GHHHHHH@Z
?AddButton@TUploadData@@UAEXGVTCString@@HHHHHH@Z
?AddButton@TUploadData@@UAEXGVTHexArray@@HHHHHH@Z
?AddButton@TVehicleCalibration@@UAEXGVTCString@@HHHHHH@Z
?AddButton@TVehicleCalibration@@UAEXGVTHexArray@@HHHHHH@Z
?AddCanFilterId@TCommFilter@@YAXKK@Z
?AddChar@TVehicleInfo@@UAEXVTCString@@VTHexArray@@GG@Z
?AddChar@TVehicleInfo@@UAEXVTHexArray@@0GG@Z
?AddChar@TWriteData@@UAEXVTCString@@VTHexArray@@GG@Z
?AddChar@TWriteData@@UAEXVTHexArray@@0GG@Z
?AddFromCmdLib@TSendFrame@@QAEHVTHexArray@@@Z
?AddGroup@TDataStream@@UAEXV?$TGroup@VTHexArray@@@@E@Z
?AddGroup@TDataStream@@UAEXV?$vector@KV?$allocator@K@std@@@std@@E@Z
?AddHex@TVehicleInfo@@UAEXVTCString@@VTHexArray@@GG@Z
?AddHex@TVehicleInfo@@UAEXVTHexArray@@0GG@Z
?AddHex@TWriteData@@UAEXVTCString@@VTHexArray@@GG@Z
?AddHex@TWriteData@@UAEXVTHexArray@@0GG@Z
?AddInputEdit@TVehicleCalibration@@UAEXGHHVTCString@@00KKHH@Z
?AddInputEdit@TVehicleCalibration@@UAEXGHHVTHexArray@@0VTCString@@KKHH@Z
?AddInt@TVehicleInfo@@UAEXVTCString@@VTHexArray@@GG@Z
?AddInt@TVehicleInfo@@UAEXVTHexArray@@0GG@Z
?AddInt@TWriteData@@UAEXVTCString@@VTHexArray@@GG@Z
?AddInt@TWriteData@@UAEXVTHexArray@@0GG@Z
?AddMapTable@TVehicleCalibration@@UAEXGHHVTCString@@V?$vector@VTCString@@V?$allocator@VTCString@@@std@@@std@@11K@Z
?AddMapTable@TVehicleCalibration@@UAEXGHHVTHexArray@@V?$vector@VTCString@@V?$allocator@VTCString@@@std@@@std@@11K@Z
?AddProcessState@TDownloadData@@UAEXVTCString@@H@Z
?AddProcessState@TDownloadData@@UAEXVTHexArray@@H@Z
?AddProcessState@TFuncTest@@UAEXVTCString@@H@Z
?AddProcessState@TFuncTest@@UAEXVTHexArray@@H@Z
?AddProcessState@TUploadData@@UAEXVTCString@@H@Z
?AddProcessState@TUploadData@@UAEXVTHexArray@@H@Z
?AddProcessState@TVehicleCalibration@@UAEXVTCString@@H@Z
?AddProcessState@TVehicleCalibration@@UAEXVTHexArray@@H@Z
?AddPromptInfomation@TDownloadData@@UAEXVTCString@@H@Z
?AddPromptInfomation@TDownloadData@@UAEXVTHexArray@@H@Z
?AddPromptInfomation@TFuncTest@@UAEXVTCString@@H@Z
?AddPromptInfomation@TFuncTest@@UAEXVTHexArray@@H@Z
?AddPromptInfomation@TUploadData@@UAEXVTCString@@H@Z
?AddPromptInfomation@TUploadData@@UAEXVTHexArray@@H@Z
?AddPromptInfomation@TVehicleCalibration@@UAEXVTCString@@H@Z
?AddPromptInfomation@TVehicleCalibration@@UAEXVTHexArray@@H@Z
?AddResistor@TCommWithECU@@YAXH@Z
?AddSendFrame@TSendFrame@@QAEHAAV1@@Z
?AddSwitch@TVehicleCalibration@@UAEXGHHVTCString@@00HKKHH@Z
?AddSwitch@TVehicleCalibration@@UAEXGHHVTHexArray@@00HKKHH@Z
?AddTable@TVehicleCalibration@@UAEXGHHVTCString@@V?$vector@VTCString@@V?$allocator@VTCString@@@std@@@std@@1K@Z
?AddTable@TVehicleCalibration@@UAEXGHHVTHexArray@@V?$vector@VTCString@@V?$allocator@VTCString@@@std@@@std@@1K@Z
?AddressCodeEnter@TCommWithECU@@YA?AVTHexArray@@EEII@Z
?AirConditionerControl@TPublicPanel@@UAEHG@Z
?AllocBuf@TCString@@QAEXH@Z
?AllocateBuf@THexArray@@QAEXK@Z
?Append@TCString@@QAEAAV1@ABV1@@Z
?Append@TCString@@QAEAAV1@ABV1@HH@Z
?Append@TCString@@QAEAAV1@HD@Z
?Append@TCString@@QAEAAV1@PBD@Z
?Append@TCString@@QAEAAV1@PBDH@Z
?Append@THexArray@@QAEKABV1@@Z
?Append@THexArray@@QAEKPAEK@Z
?Append@THexArray@@QAEKPBDK@Z
?ArrangeAddress@TS19File@@UAEHKKAAV?$vector@U_StructAddress@@V?$allocator@U_StructAddress@@@std@@@std@@@Z
?AsString@TCString@@QBEPBDXZ
?AsString@THexArray@@QBEPBDXZ
?AsciiToUTF8@TCommonFunc@@YA?AVTCString@@V2@@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?AutoTurn@TCharacteristicEidt@@UAEHXZ
?AutoTurn@TDataStream@@UAEHXZ
?AutoTurn@TExperientEidt@@UAEHXZ
?AutoTurn@TFuncTest@@UAEHXZ
?BENCH_ActiveECU@TCommWithECU@@YA?AVTHexArray@@E@Z
?Bin2Hex@THexFile@@UAEHPBDKPAEK@Z
?Bin2S19@TS19File@@UAEHPBDKPAEK@Z
?BlockCollect@TS19File@@UAE?AV?$vector@KV?$allocator@K@std@@@std@@XZ
?Calculate@TCalibration@@YA?AVTCString@@HVTHexArray@@HH@Z
?Calculate@TCharacteristicParser@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@KU_COMPU_METHOD@@@Z
?Calculate@TCompuMethod@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V23@0NNNNNNN@Z
?Calculate@TDataStream@@UAE?AVTCString@@VTHexArray@@0@Z
?CalculateKey@TCommWithECU@@YA?AVTHexArray@@KEPAE@Z
?CalculateKey@TCommWithECU@@YA?AVTHexArray@@KV2@@Z
?Calibration@TCanSystemTemplate@@UAEHG@Z
?Calibration@TDiagnoseUnit@@UAEHG@Z
?Calibration@TKwpSystemTemplate@@UAEHG@Z
?CalibrationData@TPublicPanel@@UAEHG@Z
?CallSecurityAccessFunc@TCommWithECU@@YAHKE@Z
?CallSecurityAccessFunc@TCommWithECU@@YAHKEPAEE@Z
?CallSecurityAccessFunc@TCommWithECU@@YAHKVTHexArray@@E@Z
?ChangeSessionMode@TCanProtocol@@UAEHEE@Z
?ChangeSessionMode@TKwpProtocol@@MAEHEE@Z
?CharToInt@TCommonFunc@@YAEE@Z
?CheckCrc16@TCheckCode@@YAGPAEG@Z
?CheckCrc@TCheckCode@@YAEAAVTHexArray@@@Z
?CheckDiagLicense@@YAHVTCString@@00@Z
?CheckSum@TCheckCode@@YAKAAVTHexArray@@@Z
?CheckXor@TCheckCode@@YAGAAVTHexArray@@@Z
?Clear@?$TGroup@U_Calibration@@@@QAEXXZ
?Clear@?$TGroup@U_MultiSelect@@@@QAEXXZ
?Clear@?$TGroup@UtagACT@@@@QAEXXZ
?Clear@?$TGroup@UtagButton@@@@QAEXXZ
?Clear@?$TGroup@UtagMenuBlock@@@@QAEXXZ
?Clear@?$TGroup@UtagMultiInput@@@@QAEXXZ
?Clear@?$TGroup@VTCString@@@@QAEXXZ
?Clear@?$TGroup@VTHexArray@@@@QAEXXZ
?Clear@TCString@@QAEXXZ
?Clear@TCharacteristicEidt@@UAEXXZ
?Clear@TCharacteristicParser@@QAEXXZ
?Clear@TCompuTabParser@@QAEXXZ
?Clear@TCompu_MethodParser@@QAEXXZ
?Clear@TExperientEidt@@UAEXXZ
?Clear@THexArray@@QAEXXZ
?Clear@TInputValue@@QAEXXZ
?Clear@TMeasurementParser@@QAEXXZ
?Clear@TReceiveFrame@@QAEXXZ
?Clear@TSendFrame@@QAEXXZ
?Clear@TiXmlNode@@QAEXXZ
?ClearDTC@TCanSystemTemplate@@UAEHG@Z
?ClearDTC@TDiagnoseUnit@@UAEHG@Z
?ClearDTC@TKwpSystemTemplate@@UAEHG@Z
?ClearError@TiXmlDocument@@QAEXXZ
?ClearModule@TDisplay@@YAXXZ
?ClearSystem@TDisplay@@YAXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Close@TDataFile@@QAEHXZ
?Close@TFEolFile@@UAEHXZ
?Close@THexFile@@UAEHXZ
?Close@TS19File@@UAEHXZ
?Close@TSQLite3@@QAEXXZ
?CodeConvert@@YAHPBD0PADI1I@Z
?CommonPanel@TPublicPanel@@UAEHG@Z
?CommunicationControl@TCanProtocol@@UAEHEEEE@Z
?CommunicationControl@TKwpProtocol@@MAEHEEEE@Z
?ControlDTCSetting@TCanProtocol@@UAEHE@Z

Sections

Size: 2.6MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 949KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 22KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 19KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 256KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.exports
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.loadcon
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.boot
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 2.6MB - Virtual size: 6.3MB

Size: 949KB - Virtual size: 1.9MB

Size: 22KB - Virtual size: 127KB

Size: 19KB - Virtual size: 88KB

Size: 256KB - Virtual size: 494KB

.exports Size: 75KB - Virtual size: 75KB

.imports Size: 1KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.themida Size: - Virtual size: 5.1MB

.loadcon Size: 17KB - Virtual size: 17KB

.boot Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 16B - Virtual size: 4KB

.exports
Size: 75KB - Virtual size: 75KB

.imports
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB

.themida
Size: - Virtual size: 5.1MB

.loadcon
Size: 17KB - Virtual size: 17KB

.boot
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 16B - Virtual size: 4KB