2cac84c70b52fb535b9181cf6c0e83728f7eda5d524005f07aa407cb07ed2ea9

Sharing

Copy URL Twitter E-mail

General

Target

2cac84c70b52fb535b9181cf6c0e83728f7eda5d524005f07aa407cb07ed2ea9
Size

644KB
MD5

4f895e45dbf04a824addc1477c84d250
SHA1

b2ffd34ef217d3adc61624efa197e7f90dc0d51b
SHA256

2cac84c70b52fb535b9181cf6c0e83728f7eda5d524005f07aa407cb07ed2ea9
SHA512

ad0f2ba0c07982377d87f067567e7b603215092e8f70d6ee1ad4163b13c50d9700e8d133c0b5555dfa57418f93f906c23c78b24dbe5a95c084e31d5a40a5656f
SSDEEP

6144:eTPRNKj2dhAZXcE/6BCxDuW22PQdvg4n7MmhIQEewhH6PcJ/wO4nNWUlUklu2fy8:eTZNKaABaM4HjbQm5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cac84c70b52fb535b9181cf6c0e83728f7eda5d524005f07aa407cb07ed2ea9

Files

2cac84c70b52fb535b9181cf6c0e83728f7eda5d524005f07aa407cb07ed2ea9
.exe windows:4 windows x64 arch:x64

28e0bb4455ab3a4e6d6ace58e73539c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libpstream

_ZN4Foam9UIPstream4readENS_8UPstream10commsTypesEiPcxi
_ZN4Foam9UOPstream5writeENS_8UPstream10commsTypesEiPKcxi

libopenfoam

_ZN4Foam10DLListBase10removeHeadEv
_ZN4Foam10DLListBase13endConstIter_E
_ZN4Foam10DLListBase6appendEPNS0_4linkE
_ZN4Foam10DLListBase8endIter_E
_ZN4Foam10FatalErrorE
_ZN4Foam10SLListBase10removeHeadEv
_ZN4Foam10SLListBase13endConstIter_E
_ZN4Foam10SLListBase6appendEPNS0_4linkE
_ZN4Foam10dictionary3addERKNS_7keyTypeERKS0_b
_ZN4Foam10dictionary3addERKNS_7keyTypeEib
_ZN4Foam10dictionary7subDictERKNS_4wordE
_ZN4Foam10dictionaryC1Ev
_ZN4Foam10dictionaryD1Ev
_ZN4Foam11regIOobject10readStreamERKNS_4wordE
_ZN4Foam11regIOobject14readIfModifiedEv
_ZN4Foam11regIOobject4readEv
_ZN4Foam11regIOobject5closeEv
_ZN4Foam11regIOobject6renameERKNS_4wordE
_ZN4Foam11regIOobject8readDataERNS_7IstreamE
_ZN4Foam11regIOobject8typeNameE
_ZN4Foam11regIOobjectC2ERKNS_8IOobjectEb
_ZN4Foam11regIOobjectD2Ev
_ZN4Foam12FatalIOErrorE
_ZN4Foam12IOdictionaryC1ERKNS_8IOobjectE
_ZN4Foam12IOdictionaryD1Ev
_ZN4Foam12timeSelector10addOptionsEbb
_ZN4Foam12timeSelector7select0ERNS_4TimeERKNS_7argListE
_ZN4Foam13messageStreamclEPKcS2_i
_ZN4Foam13messageStreamcvRNS_8OSstreamEEv
_ZN4Foam14objectRegistry14readIfModifiedEv
_ZN4Foam14objectRegistry6renameERKNS_4wordE
_ZN4Foam4InfoE
_ZN4Foam4PoutE
_ZN4Foam4Time15controlDictNameE
_ZN4Foam4Time7setTimeERKNS_7instantEi
_ZN4Foam4TimeC1ERKNS_4wordERKNS_7argListES3_S3_
_ZN4Foam4TimeD1Ev
_ZN4Foam4nameEi
_ZN4Foam4word5debugE
_ZN4Foam4wordC1ERNS_7IstreamE
_ZN4Foam5cloud6prefixE
_ZN4Foam5cloud7autoMapERKNS_11mapPolyMeshE
_ZN4Foam5cloudD2Ev
_ZN4Foam5error4exitEi
_ZN4Foam5error5abortEv
_ZN4Foam5errorclEPKcS2_i
_ZN4Foam5mkDirERKNS_8fileNameEt
_ZN4Foam5token21transferCompoundTokenEv
_ZN4Foam5tokenC1ERNS_7IstreamE
_ZN4Foam6HasherEPKvyj
_ZN4Foam6VectorIfE4zeroE
_ZN4Foam7IOFieldIiE8typeNameE
_ZN4Foam7IOerror4exitEi
_ZN4Foam7IOerrorclEPKcS2_iRKNS_8IOstreamE
_ZN4Foam7Istream11readEndListEPKc
_ZN4Foam7Istream13readBeginListEPKc
_ZN4Foam7Istream7putBackERKNS_5tokenE
_ZN4Foam7Istream7readEndEPKc
_ZN4Foam7Istream9readBeginEPKc
_ZN4Foam7Ostream5writeERKNS_7keyTypeE
_ZN4Foam7Pstream5debugE
_ZN4Foam7WarningE
_ZN4Foam7argList9addOptionERKNS_4wordERKNS_6stringES6_
_ZN4Foam7argListC1ERiRPPcbb
_ZN4Foam7argListD1Ev
_ZN4Foam7readIntERNS_7IstreamE
_ZN4Foam8IOobject8headerOkEv
_ZN4Foam8IOobjectC1ERKNS_4wordERKNS_8fileNameERKNS_14objectRegistryENS0_10readOptionENS0_11writeOptionEb
_ZN4Foam8IOobjectC1ERKNS_4wordERKNS_8fileNameES6_RKNS_14objectRegistryENS0_10readOptionENS0_11writeOptionEb
_ZN4Foam8IOobjectD1Ev
_ZN4Foam8IOstream14currentVersionE
_ZN4Foam8IOstream5name_E
_ZN4Foam8IPstreamC1ENS_8UPstream10commsTypesEiiNS_8IOstream12streamFormatENS3_13versionNumberE
_ZN4Foam8OFstreamC1ERKNS_8fileNameENS_8IOstream12streamFormatENS4_13versionNumberENS4_15compressionTypeE
_ZN4Foam8OFstreamD1Ev
_ZN4Foam8OPstreamC1ENS_8UPstream10commsTypesEiiiNS_8IOstream12streamFormatENS3_13versionNumberE
_ZN4Foam8UPstream15nProcsSimpleSumE
_ZN4Foam8UPstream18treeCommunication_E
_ZN4Foam8UPstream20linearCommunication_E
_ZN4Foam8UPstream7parRun_E
_ZN4Foam8UPstream8msgType_E
_ZN4Foam8UPstream8procIDs_E
_ZN4Foam8UPstream9myProcNo_E
_ZN4Foam8polyMesh13defaultRegionE
_ZN4Foam9UIPstream4readEPcx
_ZN4Foam9UIPstream4readERNS_4wordE
_ZN4Foam9UIPstream4readERNS_5tokenE
_ZN4Foam9UIPstream4readERNS_6stringE
_ZN4Foam9UIPstream4readERc
_ZN4Foam9UIPstream4readERd
_ZN4Foam9UIPstream4readERf
_ZN4Foam9UIPstream4readERi
_ZN4Foam9UIPstream6rewindEv
_ZN4Foam9UIPstreamD2Ev
_ZN4Foam9UOPstream11writeQuotedERKSsb
_ZN4Foam9UOPstream5writeEPKc
_ZN4Foam9UOPstream5writeEPKcx
_ZN4Foam9UOPstream5writeERKNS_4wordE
_ZN4Foam9UOPstream5writeERKNS_5tokenE
_ZN4Foam9UOPstream5writeERKNS_6stringE
_ZN4Foam9UOPstream5writeEc
_ZN4Foam9UOPstream5writeEd
_ZN4Foam9UOPstream5writeEf
_ZN4Foam9UOPstream5writeEi
_ZN4Foam9UOPstreamD2Ev
_ZN4FoamdvERKNS_6stringES2_
_ZN4FoamlsERNS_7OstreamEPKc
_ZN4FoamlsERNS_7OstreamERKNS_4wordE
_ZN4FoamlsERNS_7OstreamERKNS_5token16punctuationTokenE
_ZN4FoamlsERNS_7OstreamERKNS_8fileNameE
_ZN4FoamlsERNS_7OstreamEc
_ZN4FoamlsERNS_7OstreamEf
_ZN4FoamlsERNS_7OstreamEi
_ZN4FoamlsINS_5tokenEEERNS_7OstreamES3_RKNS_9InfoProxyIT_EE
_ZN4FoamplERKNS_5UListIiEERKi
_ZN4FoamrsERNS_7IstreamERNS_5tokenE
_ZN4FoamrsERNS_7IstreamERf
_ZN4FoamrsERNS_7IstreamERi
_ZNK4Foam10dictionary6lookupERKNS_4wordEbb
_ZNK4Foam11regIOobject11writeObjectENS_8IOstream12streamFormatENS1_13versionNumberENS1_15compressionTypeE
_ZNK4Foam11regIOobject5writeEv
_ZNK4Foam11regIOobject8modifiedEv
_ZNK4Foam14objectRegistry11writeObjectENS_8IOstream12streamFormatENS1_13versionNumberENS1_15compressionTypeE
_ZNK4Foam14objectRegistry8modifiedEv
_ZNK4Foam4Time8timeNameEv
_ZNK4Foam5token10parseErrorEPKc
_ZNK4Foam7argList13checkRootCaseEv
_ZNK4Foam8IOobject2dbEv
_ZNK4Foam8IOstream10fatalCheckEPKc
_ZNK4Foam8IOstream5checkEPKc
_ZNK4Foam9UIPstream5printERNS_7OstreamE
_ZNK4Foam9UOPstream5printERNS_7OstreamE

libfinitevolume

_ZN4Foam6fvMeshC1ERKNS_8IOobjectE
_ZN4Foam6fvMeshD1Ev

libgenericpatchfields

genericPatchFieldsLoad

liblagrangian

_ZN4Foam20passiveParticleCloudC1ERKNS_8polyMeshERKNS_4wordEb
_ZN4Foam5CloudINS_15passiveParticleEE8typeNameE
_ZN4Foam8particle14particleCount_E
_ZN4Foam8particle19transformPropertiesERKNS_6TensorIfEE
_ZN4Foam8particle19transformPropertiesERKNS_6VectorIfEE
_ZN4Foam8particle8typeNameE
_ZN4Foam8particleC2ERKNS_8polyMeshERNS_7IstreamEb
_ZN4Foam8particleC2ERKS0_
_ZNK4Foam8particle18wallImpactDistanceERKNS_6VectorIfEE
_ZNK4Foam8particle5writeERNS_7OstreamEb
_ZTVN4Foam8particleE

libgcc_s_sjlj-1

_Unwind_SjLj_Register
_Unwind_SjLj_Resume
_Unwind_SjLj_Unregister

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__C_specific_handler
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_lock
_onexit
_unlock
abort
calloc
exit
fprintf
free
fwrite
malloc
memcmp
memcpy
signal
strlen
strncmp
vfprintf

libstdc++-6

_ZNKSs3endEv
_ZNKSs4dataEv
_ZNKSs4sizeEv
_ZNKSs5beginEv
_ZNKSs5c_strEv
_ZNKSs6_M_repEv
_ZNKSs7_M_dataEv
_ZNSaIcEC1Ev
_ZNSaIcEC2ERKS_
_ZNSaIcEC2Ev
_ZNSaIcED1Ev
_ZNSaIcED2Ev
_ZNSolsEPFRSoS_E
_ZNSolsEi
_ZNSs12_Alloc_hiderC2EPcRKSaIcE
_ZNSs12_S_constructEycRKSaIcE
_ZNSs5beginEv
_ZNSs6appendEPKcy
_ZNSs6appendERKSs
_ZNSs6assignERKSs
_ZNSs6resizeEy
_ZNSs7reserveEy
_ZNSsC1Ev
_ZNSsC2EPKcRKSaIcE
_ZNSsC2ERKSs
_ZNSsC2Ev
_ZNSsD1Ev
_ZNSsD2Ev
_ZNSsaSERKSs
_ZNSt8bad_castD1Ev
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt4cerr
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVSt8bad_cast
_ZTVSt9exception
_ZdaPv
_ZdlPv
_Znay
_Znwy
__cxa_bad_cast
__cxa_begin_catch
__cxa_end_catch
__cxa_get_exception_ptr
__dynamic_cast
__gxx_personality_sj0

libtaush-mingw-w64-mpi-pdt.so

__cyg_profile_func_enter
__cyg_profile_func_exit

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28e0bb4455ab3a4e6d6ace58e73539c0

Headers

File Characteristics

Imports

libpstream

libopenfoam

libfinitevolume

libgenericpatchfields

liblagrangian

libgcc_s_sjlj-1

kernel32

msvcrt

libstdc++-6

libtaush-mingw-w64-mpi-pdt.so

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 9KB - Virtual size: 9KB

.pdata Size: 4KB - Virtual size: 4KB

.xdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 2KB

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 72B

.stab Size: 95KB - Virtual size: 95KB

.stabstr Size: 113KB - Virtual size: 113KB

/4 Size: 1024B - Virtual size: 1008B

/19 Size: 47KB - Virtual size: 46KB

/31 Size: 6KB - Virtual size: 6KB

/45 Size: 7KB - Virtual size: 7KB

/57 Size: 3KB - Virtual size: 2KB

/70 Size: 1KB - Virtual size: 1KB

/81 Size: 16KB - Virtual size: 16KB

/92 Size: 1024B - Virtual size: 864B

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 9KB - Virtual size: 9KB

.pdata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 72B

.stab
Size: 95KB - Virtual size: 95KB

.stabstr
Size: 113KB - Virtual size: 113KB

/4
Size: 1024B - Virtual size: 1008B

/19
Size: 47KB - Virtual size: 46KB

/31
Size: 6KB - Virtual size: 6KB

/45
Size: 7KB - Virtual size: 7KB

/57
Size: 3KB - Virtual size: 2KB

/70
Size: 1KB - Virtual size: 1KB

/81
Size: 16KB - Virtual size: 16KB

/92
Size: 1024B - Virtual size: 864B