236297cccbde20a7503b31fadf44a9e0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

236297cccbde20a7503b31fadf44a9e0N.exe
Size

3.5MB
MD5

236297cccbde20a7503b31fadf44a9e0
SHA1

2663f859cd68b4e2c66561a4fa66c3b39a0b5aa7
SHA256

e45524d3a34b77f6d7ab8fe7d8d683a57e75672d161cc6474213d54bb001a2b9
SHA512

6f758980957ae3d69b077eb4843f2c4065d9805d2297d88444fd0daaca1298a427b44bb57987a8d69818d3355d4a359eace6a236e661e1d29cacf9dbf30fd064
SSDEEP

49152:aIKrZFf2lA+EgqWnVSdfzM+EsEhxX0Xl02:I7f0A+EvWnUbMUeX602

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
236297cccbde20a7503b31fadf44a9e0N.exe
unpack001/out.upx

Files

236297cccbde20a7503b31fadf44a9e0N.exe
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0?$CArray@V?$OPtr@VOOnlineOrdersFields@@@@AAV1@@@QAE@XZ
??0?$CArray@VOSeriesItem@@AAV1@@@QAE@XZ
??0?$CList@V?$OPtr@VOMediaCreatorDeviceConfig@@@@V1@@@QAE@H@Z
??0?$CList@V?$OPtr@VOMediaCreatorMediaConfig@@@@V1@@@QAE@H@Z
??0?$CList@V?$OPtr@VORefPhys@@@@ABV1@@@QAE@H@Z
??0?$CList@VOAdverseReactionsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOArchivedActualsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOArchivedInsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOArchivedReasonCodeFields@@AAV1@@@QAE@H@Z
??0?$CList@VOAuditStateHistoryFields@@AAV1@@@QAE@H@Z
??0?$CList@VOAutoQRConfigFields@@AAV1@@@QAE@H@Z
??0?$CList@VOBackupsFields@@AAV1@@@QAE@H@Z
??0?$CList@VODRUsersFields@@AAV1@@@QAE@H@Z
??0?$CList@VODicomStoreAndForwardsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOExamTypeProcCodeFields@@AAV1@@@QAE@H@Z
??0?$CList@VOGUIDFields@@AAV1@@@QAE@H@Z
??0?$CList@VOLinkedPatientCodesFields@@ABV1@@@QAE@H@Z
??0?$CList@VOOnlineActualsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOOnlineInsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOOnlineReasonCodeFields@@AAV1@@@QAE@H@Z
??0?$CList@VOPatAdverseReactionsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOPatInsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOPatientAKAFields@@AAV1@@@QAE@H@Z
??0?$CList@VORolePreferencesFields@@AAV1@@@QAE@H@Z
??0?$CList@VORolesFields@@AAV1@@@QAE@H@Z
??0?$CList@VOScheduledInsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOScheduledReasonCodeFields@@AAV1@@@QAE@H@Z
??0?$CList@VOSessionsAllInfoFields@@AAV1@@@QAE@H@Z
??0?$CList@VOSessionsFields@@AAV1@@@QAE@H@Z
??0?$CList@VOSitePreferencesFields@@AAV1@@@QAE@H@Z
??0?$CList@VOStationFields@@AAV1@@@QAE@H@Z
??0?$CList@VOStationLicenseFields@@AAV1@@@QAE@H@Z
??0?$CList@VOStationMACAddressFields@@AAV1@@@QAE@H@Z
??0?$CList@VOStationTypesFields@@AAV1@@@QAE@H@Z
??0?$CList@VOStationsWithMacAddressesFields@@AAV1@@@QAE@H@Z
??0?$CList@VOUserPracticeFields@@AAV1@@@QAE@H@Z
??0?$CList@VOUserPreferencesFields@@AAV1@@@QAE@H@Z
??0?$CList@VOUserRadStaffFields@@AAV1@@@QAE@H@Z
??0?$CList@VOUserRefDocFields@@AAV1@@@QAE@H@Z
??0?$CList@VOvIntrimAuditRecordsFields@@AAV1@@@QAE@H@Z
??0?$CMap@V?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBDV?$OPtr@VOHttpCopyFileMapItem@@@@AAV3@@@QAE@H@Z
??0?$CMap@V?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBDV?$OPtr@VOMediaCreatorMediaConfig@@@@V3@@@QAE@H@Z
??0?$CTypedPtrArray@VCPtrArray@@PAVOMgReportsExcelFields@@@@QAE@XZ
??0?$CTypedPtrArray@VCPtrArray@@PAVONoteTypesFields@@@@QAE@XZ
??0?$CTypedPtrArray@VCPtrArray@@PAVOTaskStatusFields@@@@QAE@XZ
??0?$OArrayList@VOAutomationActionQEntyList@@VOAutomationActionQEntry@@@@QAE@XZ
??0?$OArrayList@VOAutomationNotificationQEntyList@@VOAutomationNotificationQEntry@@@@QAE@XZ
??0?$OArrayList@VODFTOutList@@VODFTOutQEntry@@@@QAE@XZ
??0?$OArrayList@VOEventList@@VOEventQEntry@@@@QAE@XZ
??0?$OArrayList@VOExamFileList@@VOExamFile@@@@QAE@XZ
??0?$OArrayList@VOExamList@@VOExamFields@@@@QAE@XZ
??0?$OArrayList@VOExamReportStatusList@@VOExamReportStatusFields@@@@QAE@XZ
??0?$OArrayList@VOExamStatusList@@VOQExamStatusEntry@@@@QAE@XZ
??0?$OArrayList@VOFaxList@@VOFaxQEntry@@@@QAE@XZ
??0?$OArrayList@VOFullBillList@@VOFullBillQEntry@@@@QAE@XZ
??0?$OArrayList@VOORUOutList@@VOORUOutQEntry@@@@QAE@XZ
??0?$OArrayList@VOPatientLinkFieldsList@@VOPatientLinkFields@@@@QAE@XZ
??0?$OArrayList@VOPriorExamList@@VOPriorExamFields@@@@QAE@XZ
??0?$OArrayList@VORestoreExamList@@VORestoreExamEntry@@@@QAE@XZ
??0?$OArrayList@VOUserList@@VOUserFields@@@@QAE@XZ
??0?$OArrayMixin@VOAutomationActionQEntry@@@@QAE@XZ
??0?$OArrayMixin@VOAutomationNotificationQEntry@@@@QAE@XZ
??0?$OArrayMixin@VODFTOutQEntry@@@@QAE@XZ
??0?$OArrayMixin@VOEventQEntry@@@@QAE@XZ
??0?$OArrayMixin@VOExamFields@@@@QAE@XZ
??0?$OArrayMixin@VOExamFile@@@@QAE@XZ
??0?$OArrayMixin@VOExamReportStatusFields@@@@QAE@XZ
??0?$OArrayMixin@VOFaxQEntry@@@@QAE@XZ
??0?$OArrayMixin@VOFullBillQEntry@@@@QAE@XZ
??0?$OArrayMixin@VOORUOutQEntry@@@@QAE@XZ
??0?$OArrayMixin@VOPatientLinkFields@@@@QAE@XZ
??0?$OArrayMixin@VOPriorExamFields@@@@QAE@XZ
??0?$OArrayMixin@VOQExamStatusEntry@@@@QAE@XZ
??0?$OArrayMixin@VORestoreExamEntry@@@@QAE@XZ
??0?$OArrayMixin@VOUserFields@@@@QAE@XZ
??0?$OCopyableList@V?$OPtr@VOMediaCreatorDeviceConfig@@@@@@QAE@ABV0@@Z
??0?$OCopyableList@V?$OPtr@VOMediaCreatorDeviceConfig@@@@@@QAE@XZ
??0?$OCopyableList@V?$OPtr@VOMediaCreatorMediaConfig@@@@@@QAE@ABV0@@Z
??0?$OCopyableList@V?$OPtr@VOMediaCreatorMediaConfig@@@@@@QAE@XZ
??0?$OFieldList@VOArchivedActualsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOArchivedActualsFields@@@@QAE@H@Z
??0?$OFieldList@VOArchivedInsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOArchivedInsFields@@@@QAE@H@Z
??0?$OFieldList@VOArchivedReasonCodeFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOArchivedReasonCodeFields@@@@QAE@H@Z
??0?$OFieldList@VOOnlineActualsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOOnlineActualsFields@@@@QAE@H@Z
??0?$OFieldList@VOOnlineInsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOOnlineInsFields@@@@QAE@H@Z
??0?$OFieldList@VOOnlineReasonCodeFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOOnlineReasonCodeFields@@@@QAE@H@Z
??0?$OFieldList@VOPatAdverseReactionsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOPatAdverseReactionsFields@@@@QAE@H@Z
??0?$OFieldList@VOPatInsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOPatInsFields@@@@QAE@H@Z
??0?$OFieldList@VOPatientAKAFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOPatientAKAFields@@@@QAE@H@Z
??0?$OFieldList@VOScheduledInsFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOScheduledInsFields@@@@QAE@H@Z
??0?$OFieldList@VOScheduledReasonCodeFields@@@@QAE@ABV0@H@Z
??0?$OFieldList@VOScheduledReasonCodeFields@@@@QAE@H@Z
??0?$OFieldPtrArray@VOOnlineOrdersFields@@V?$OPtr@VOOnlineOrdersFields@@@@@@QAE@XZ
??0?$OFieldPtrList@VORefPhys@@V?$OPtr@VORefPhys@@@@@@QAE@ABV0@H@Z
??0?$OFieldPtrList@VORefPhys@@V?$OPtr@VORefPhys@@@@@@QAE@H@Z
??0?$OFormatList@VOA0AssessmentFields@@@@QAE@PBHPAV?$OListOf@VOA0AssessmentFields@@@@HH@Z
??0?$OFormatList@VOBreastTasksFields@@@@QAE@PBHPAV?$OListOf@VOBreastTasksFields@@@@HH@Z
??0?$OFormatList@VODailyWorkLtrFields@@@@QAE@PBHPAV?$OListOf@VODailyWorkLtrFields@@@@HH@Z
??0?$OFormatList@VODelinquentLtrFields@@@@QAE@PBHPAV?$OListOf@VODelinquentLtrFields@@@@HH@Z
??0?$OFormatList@VOExamFile@@@@QAE@PBHPAV?$OListOf@VOExamFile@@@@HH@Z
??0?$OFormatList@VOExamRcmndFields@@@@QAE@PBHPAV?$OListOf@VOExamRcmndFields@@@@HH@Z
??0?$OFormatList@VOMamExamFields@@@@QAE@PBHPAV?$OListOf@VOMamExamFields@@@@HH@Z
??0?$OFormatList@VOMammoBiopsyResultsFields@@@@QAE@PBHPAV?$OListOf@VOMammoBiopsyResultsFields@@@@HH@Z
??0?$OFormatList@VOMammoComHistGridCPFields@@@@QAE@PBHPAV?$OListOf@VOMammoComHistGridCPFields@@@@HH@Z
??0?$OFormatList@VOMammoComHistGridCSFields@@@@QAE@PBHPAV?$OListOf@VOMammoComHistGridCSFields@@@@HH@Z
??0?$OFormatList@VOMammoLtrRangeSentFields@@@@QAE@PBHPAV?$OListOf@VOMammoLtrRangeSentFields@@@@HH@Z
??0?$OFormatList@VOMammoLtrTemplatesFields@@@@QAE@PBHPAV?$OListOf@VOMammoLtrTemplatesFields@@@@HH@Z
??0?$OFormatList@VOMammoPatTrackFields@@@@QAE@PBHPAV?$OListOf@VOMammoPatTrackFields@@@@HH@Z
??0?$OFormatList@VOMammoSendLogFields@@@@QAE@PBHPAV?$OListOf@VOMammoSendLogFields@@@@HH@Z
??0?$OFormatList@VOMammoStatusLookupFields@@@@QAE@PBHPAV?$OListOf@VOMammoStatusLookupFields@@@@HH@Z
??0?$OFormatList@VONeedPathResultsFields@@@@QAE@PBHPAV?$OListOf@VONeedPathResultsFields@@@@HH@Z
??0?$OFormatList@VOOneYearFollowupLtrFields@@@@QAE@PBHPAV?$OListOf@VOOneYearFollowupLtrFields@@@@HH@Z
??0?$OFormatList@VOOtherExamFields@@@@QAE@PBHPAV?$OListOf@VOOtherExamFields@@@@HH@Z
??0?$OFormatList@VOPriorExamFields@@@@QAE@PBHPAV?$OListOf@VOPriorExamFields@@@@HH@Z
??0?$OFormatList@VORecentMediaFields@@@@QAE@PBHPAV?$OListOf@VORecentMediaFields@@@@HH@Z
??0?$OFormatList@VOSixMonthFollowupLtrFields@@@@QAE@PBHPAV?$OListOf@VOSixMonthFollowupLtrFields@@@@HH@Z
??0?$OListOf@VOA0AssessmentFields@@@@QAE@XZ
??0?$OListOf@VOAccessFields@@@@QAE@XZ
??0?$OListOf@VOActionsStatusesFields@@@@QAE@XZ
??0?$OListOf@VOActionsTypesFields@@@@QAE@XZ
??0?$OListOf@VOArcVolIDFields@@@@QAE@XZ
??0?$OListOf@VOArcVolIDInstanceFields@@@@QAE@XZ
??0?$OListOf@VOArchiveIDFields@@@@QAE@XZ
??0?$OListOf@VOArchivedExamFormsFields@@@@QAE@XZ
??0?$OListOf@VOAuditTrailViewFields@@@@QAE@XZ
??0?$OListOf@VOAutomationActionQEntry@@@@QAE@XZ
??0?$OListOf@VOAutomationNotificationQEntry@@@@QAE@XZ
??0?$OListOf@VOAvailErrorFields@@@@QAE@XZ
??0?$OListOf@VOAvailExamFields@@@@QAE@XZ
??0?$OListOf@VOAvailExamFormsFields@@@@QAE@XZ
??0?$OListOf@VOAvailImageFields@@@@QAE@XZ
??0?$OListOf@VOBreastTasksFields@@@@QAE@XZ
??0?$OListOf@VOCacheDeviceFields@@@@QAE@XZ
??0?$OListOf@VOCodingSubsetFields@@@@QAE@XZ
??0?$OListOf@VOCodingSubsetTermsFields@@@@QAE@XZ
??0?$OListOf@VOCodingTermsFields@@@@QAE@XZ
??0?$OListOf@VOCodingTermsSubsetFields@@@@QAE@XZ
??0?$OListOf@VOCorrRepRStatGNamesFields@@@@QAE@XZ
??0?$OListOf@VOCustomValueExamFields@@@@QAE@XZ
??0?$OListOf@VOCustomValueFields@@@@QAE@XZ
??0?$OListOf@VOCustomValuePatientFields@@@@QAE@XZ
??0?$OListOf@VODBDataMapFields@@@@QAE@XZ
??0?$OListOf@VODFTOutQEntry@@@@QAE@XZ
??0?$OListOf@VODRMammoFields@@@@QAE@XZ
??0?$OListOf@VODailyWorkLtrFields@@@@QAE@XZ
??0?$OListOf@VODelinquentLtrFields@@@@QAE@XZ
??0?$OListOf@VODiagnosisCodesFields@@@@QAE@XZ
??0?$OListOf@VODueDaysLogFields@@@@QAE@XZ
??0?$OListOf@VOEventDescriptionFields@@@@QAE@XZ
??0?$OListOf@VOEventQEntry@@@@QAE@XZ
??0?$OListOf@VOExamBackupFields@@@@QAE@XZ
??0?$OListOf@VOExamCustomsFields@@@@QAE@XZ
??0?$OListOf@VOExamDescrCombinedFields@@@@QAE@XZ
??0?$OListOf@VOExamDescrFields@@@@QAE@XZ
??0?$OListOf@VOExamFields@@@@QAE@XZ
??0?$OListOf@VOExamFile@@@@QAE@XZ
??0?$OListOf@VOExamFormTypeFields@@@@QAE@XZ
??0?$OListOf@VOExamFormTypeJoinFields@@@@QAE@XZ
??0?$OListOf@VOExamFormsCategoryFields@@@@QAE@XZ
??0?$OListOf@VOExamFormsCategoryIOCodeFields@@@@QAE@XZ
??0?$OListOf@VOExamFormsIOCodeFields@@@@QAE@XZ
??0?$OListOf@VOExamFormsRelationshipFields@@@@QAE@XZ
??0?$OListOf@VOExamNotesOnlRelFields@@@@QAE@XZ
??0?$OListOf@VOExamNotesScdRelFields@@@@QAE@XZ
??0?$OListOf@VOExamRcmndFields@@@@QAE@XZ
??0?$OListOf@VOExamRecFields@@@@QAE@XZ
??0?$OListOf@VOExamRecFields_join@@@@QAE@XZ
??0?$OListOf@VOExamRegisRecFields@@@@QAE@XZ
??0?$OListOf@VOExamRegisRecInsEligFields@@@@QAE@XZ
??0?$OListOf@VOExamReportMapFields@@@@QAE@XZ
??0?$OListOf@VOExamReportStatusFields@@@@QAE@XZ
??0?$OListOf@VOExamTypeFields@@@@QAE@XZ
??0?$OListOf@VOExamTypeJoinFields@@@@QAE@XZ
??0?$OListOf@VOExmTypTmpLinkFields@@@@QAE@XZ
??0?$OListOf@VOFamilyCancerFields@@@@QAE@XZ
??0?$OListOf@VOFaxQEntry@@@@QAE@XZ
??0?$OListOf@VOFileFormatFields@@@@QAE@XZ
??0?$OListOf@VOFullBillQEntry@@@@QAE@XZ
??0?$OListOf@VOGenNameFields@@@@QAE@XZ
??0?$OListOf@VOHDLTAFields@@@@QAE@XZ
??0?$OListOf@VOHemoDataAvailFlds@@@@QAE@XZ
??0?$OListOf@VOHistologyTypesLookupFields@@@@QAE@XZ
??0?$OListOf@VOInProgressFields@@@@QAE@XZ
??0?$OListOf@VOInsPlanFields@@@@QAE@XZ
??0?$OListOf@VOInsPlanTypesFields@@@@QAE@XZ
??0?$OListOf@VOJnPtReFields@@@@QAE@XZ
??0?$OListOf@VOJnReRiFields@@@@QAE@XZ
??0?$OListOf@VOJnRiRrFields@@@@QAE@XZ
??0?$OListOf@VOJnRpRevisionGenNamesFields@@@@QAE@XZ
??0?$OListOf@VOJoinExamReportFields@@@@QAE@XZ
??0?$OListOf@VOJoinRepEditGenNameFields@@@@QAE@XZ
??0?$OListOf@VOJoinRpStatusGenNameFields@@@@QAE@XZ
??0?$OListOf@VOKnownSitesFields@@@@QAE@XZ
??0?$OListOf@VOMamExamFields@@@@QAE@XZ
??0?$OListOf@VOMammoAssessFields@@@@QAE@XZ
??0?$OListOf@VOMammoBiopsyResultsFields@@@@QAE@XZ
??0?$OListOf@VOMammoComHistGridCPFields@@@@QAE@XZ
??0?$OListOf@VOMammoComHistGridCSFields@@@@QAE@XZ
??0?$OListOf@VOMammoComposeFields@@@@QAE@XZ
??0?$OListOf@VOMammoEnhanceFields@@@@QAE@XZ
??0?$OListOf@VOMammoExamFields@@@@QAE@XZ
??0?$OListOf@VOMammoLtrClassLookupFields@@@@QAE@XZ
??0?$OListOf@VOMammoLtrRangeSentFields@@@@QAE@XZ
??0?$OListOf@VOMammoLtrTemplatesFields@@@@QAE@XZ
??0?$OListOf@VOMammoLtrTypeLookupFields@@@@QAE@XZ
??0?$OListOf@VOMammoPatComPrefLookupFields@@@@QAE@XZ
??0?$OListOf@VOMammoPatLangLookupFields@@@@QAE@XZ
??0?$OListOf@VOMammoPatTrackFields@@@@QAE@XZ
??0?$OListOf@VOMammoPatientFields@@@@QAE@XZ
??0?$OListOf@VOMammoRcmndFields@@@@QAE@XZ
??0?$OListOf@VOMammoRcmndGrpFields@@@@QAE@XZ
??0?$OListOf@VOMammoRcmndTimeframeFields@@@@QAE@XZ
??0?$OListOf@VOMammoRepAssessFields@@@@QAE@XZ
??0?$OListOf@VOMammoRepRcmndFields@@@@QAE@XZ
??0?$OListOf@VOMammoRiskFields@@@@QAE@XZ
??0?$OListOf@VOMammoRiskReasonFields@@@@QAE@XZ
??0?$OListOf@VOMammoRiskTrackFields@@@@QAE@XZ
??0?$OListOf@VOMammoRskTrkTypeFields@@@@QAE@XZ
??0?$OListOf@VOMammoSendLogFields@@@@QAE@XZ
??0?$OListOf@VOMammoSiteComposeFields@@@@QAE@XZ
??0?$OListOf@VOMammoStatusLookupFields@@@@QAE@XZ
??0?$OListOf@VOMessageTracerFields@@@@QAE@XZ
??0?$OListOf@VOMgReportsExcelRepFields@@@@QAE@XZ
??0?$OListOf@VOModAuthFields@@@@QAE@XZ
??0?$OListOf@VONeedPathResultsFields@@@@QAE@XZ
??0?$OListOf@VONextRptIDFields@@@@QAE@XZ
??0?$OListOf@VONoteCategoryFields@@@@QAE@XZ
??0?$OListOf@VONoteTypesFields@@@@QAE@XZ
??0?$OListOf@VONotesArchFields@@@@QAE@XZ
??0?$OListOf@VONotesAvailFields@@@@QAE@XZ
??0?$OListOf@VONotesFields@@@@QAE@XZ
??0?$OListOf@VONotesSchedFields@@@@QAE@XZ
??0?$OListOf@VOOBRTracerFields@@@@QAE@XZ
??0?$OListOf@VOOBXTracerFields@@@@QAE@XZ
??0?$OListOf@VOORUOutQEntry@@@@QAE@XZ
??0?$OListOf@VOOffpatFields@@@@QAE@XZ
??0?$OListOf@VOOneYearFollowupLtrFields@@@@QAE@XZ
??0?$OListOf@VOOnlineExamFormsFields@@@@QAE@XZ
??0?$OListOf@VOOnlineInsEligibilityInfoFields@@@@QAE@XZ
??0?$OListOf@VOOtherExamFields@@@@QAE@XZ
??0?$OListOf@VOPPSFields@@@@QAE@XZ
??0?$OListOf@VOPRActLogFields@@@@QAE@XZ
??0?$OListOf@VOPREvCodeFields@@@@QAE@XZ
??0?$OListOf@VOPRStatFields@@@@QAE@XZ
??0?$OListOf@VOPRevMbrTypeFields@@@@QAE@XZ
??0?$OListOf@VOPRevMembersFields@@@@QAE@XZ
??0?$OListOf@VOPRevReadPhysFields@@@@QAE@XZ
??0?$OListOf@VOPatListFields@@@@QAE@XZ
??0?$OListOf@VOPatientAKAFields@@@@QAE@XZ
??0?$OListOf@VOPatientCustomsFields@@@@QAE@XZ
??0?$OListOf@VOPatientLinkFields@@@@QAE@XZ
??0?$OListOf@VOPatientMergeQueueFields@@@@QAE@XZ
??0?$OListOf@VOPaymentsFields@@@@QAE@XZ
??0?$OListOf@VOPeerRevRelFields@@@@QAE@XZ
??0?$OListOf@VOPhoneConfirmationStatusesFields@@@@QAE@XZ
??0?$OListOf@VOPriorExamFields@@@@QAE@XZ
??0?$OListOf@VOQExamStatusEntry@@@@QAE@XZ
??0?$OListOf@VOQMFNInfoEntry@@@@QAE@XZ
??0?$OListOf@VOQPatientInfoEntry@@@@QAE@XZ
??0?$OListOf@VOQRefDocInfoEntry@@@@QAE@XZ
??0?$OListOf@VOQueryTracerFields@@@@QAE@XZ
??0?$OListOf@VORadStaffFields@@@@QAE@XZ
??0?$OListOf@VORadStaffPrefsFields@@@@QAE@XZ
??0?$OListOf@VOReadReportDataFields@@@@QAE@XZ
??0?$OListOf@VORecentMediaFields@@@@QAE@XZ
??0?$OListOf@VORefDocCombinedFields@@@@QAE@XZ
??0?$OListOf@VORefDocFields@@@@QAE@XZ
??0?$OListOf@VORefDocOfficeFields@@@@QAE@XZ
??0?$OListOf@VORefDocOfficeLinkFields@@@@QAE@XZ
??0?$OListOf@VORefDocPracticeFields@@@@QAE@XZ
??0?$OListOf@VORefDocSelectFields@@@@QAE@XZ
??0?$OListOf@VORepEditorFields@@@@QAE@XZ
??0?$OListOf@VORepFileLinksFields@@@@QAE@XZ
??0?$OListOf@VOReportExceptionsFields@@@@QAE@XZ
??0?$OListOf@VOReportFields@@@@QAE@XZ
??0?$OListOf@VOReportInfoFields@@@@QAE@XZ
??0?$OListOf@VORepositoryFields@@@@QAE@XZ
??0?$OListOf@VORestoreExamEntry@@@@QAE@XZ
??0?$OListOf@VORpCodeFields@@@@QAE@XZ
??0?$OListOf@VORpExRelationFields@@@@QAE@XZ
??0?$OListOf@VORpRevisionFields@@@@QAE@XZ
??0?$OListOf@VORpStatusFields@@@@QAE@XZ
??0?$OListOf@VOSRTemplateFields@@@@QAE@XZ
??0?$OListOf@VOSRTypeFieldsFields@@@@QAE@XZ
??0?$OListOf@VOSRTypesFields@@@@QAE@XZ
??0?$OListOf@VOScheduledExamFormsFields@@@@QAE@XZ
??0?$OListOf@VOScheduledInsEligibilityInfoFields@@@@QAE@XZ
??0?$OListOf@VOServiceCodesFields@@@@QAE@XZ
??0?$OListOf@VOSixMonthFollowupLtrFields@@@@QAE@XZ
??0?$OListOf@VOSmartFormRelationshipFields@@@@QAE@XZ
??0?$OListOf@VOSmartFormTemplateFields@@@@QAE@XZ
??0?$OListOf@VOSmartFormTemplatePrimaryFields@@@@QAE@XZ
??0?$OListOf@VOSmartFormTemplate_JoinFields@@@@QAE@XZ
??0?$OListOf@VOSrvAuthFields@@@@QAE@XZ
??0?$OListOf@VOSysTableFields@@@@QAE@XZ
??0?$OListOf@VOTaskLogFields@@@@QAE@XZ
??0?$OListOf@VOTaskStatTypesFields@@@@QAE@XZ
??0?$OListOf@VOTaskStatusFields@@@@QAE@XZ
??0?$OListOf@VOTemplatesFields@@@@QAE@XZ
??0?$OListOf@VOTmplInsertPntFields@@@@QAE@XZ
??0?$OListOf@VOTskTpStListFields@@@@QAE@XZ
??0?$OListOf@VOUserFields@@@@QAE@XZ
??0?$OListOf@VOVersionFields@@@@QAE@XZ
??0?$OListOf@VOViewExTypETTRTemplFields@@@@QAE@XZ
??0?$OMemArrayList@VOExamList@@VOExamFields@@@@QAE@PAV?$CArray@PAVOExamFields@@PAV1@@DR@@H@Z
??0?$OMemArrayList@VOExamList@@VOExamFields@@@@QAE@XZ
??0?$OMemArrayList@VOExamReportStatusList@@VOExamReportStatusFields@@@@QAE@PAV?$CArray@PAVOExamReportStatusFields@@PAV1@@DR@@H@Z
??0?$OMemArrayList@VOExamReportStatusList@@VOExamReportStatusFields@@@@QAE@XZ
??0?$OMemArrayList@VOPatientLinkFieldsList@@VOPatientLinkFields@@@@QAE@PAV?$CArray@PAVOPatientLinkFields@@PAV1@@DR@@H@Z
??0?$OMemArrayList@VOPatientLinkFieldsList@@VOPatientLinkFields@@@@QAE@XZ
??0?$OMemArrayList@VOPriorExamList@@VOPriorExamFields@@@@QAE@PAV?$CArray@PAVOPriorExamFields@@PAV1@@DR@@H@Z
??0?$OMemArrayList@VOPriorExamList@@VOPriorExamFields@@@@QAE@XZ
??0?$OTypedPtrArray@VOMgReportsExcelFields@@@@QAE@ABV0@@Z
??0?$OTypedPtrArray@VOMgReportsExcelFields@@@@QAE@XZ
??0?$OTypedPtrArray@VONoteTypesFields@@@@QAE@ABV0@@Z
??0?$OTypedPtrArray@VONoteTypesFields@@@@QAE@XZ
??0?$OTypedPtrArray@VOTaskStatusFields@@@@QAE@ABV0@@Z
??0?$OTypedPtrArray@VOTaskStatusFields@@@@QAE@XZ
??0CFieldsException@@QAE@W4Reason@0@@Z
??0CannedNoteParams@@QAE@XZ
??0OA0AssessmentFields@@QAE@ABV0@@Z
??0OA0AssessmentFields@@QAE@XZ
??0OA0AssessmentList@@QAE@XZ
??0OABNTreeNode@@QAE@XZ
??0OANDTreeNode@@QAE@XZ
??0OAccessFields@@QAE@ABV0@@Z
??0OAccessFields@@QAE@XZ
??0OAccessLevel@@IAE@XZ
??0OAccessLevel@@QAE@ABV0@@Z
??0OAccessList@@QAE@XZ
??0OAcqTechNameTreeNode@@QAE@XZ
??0OActionsStatusesFields@@QAE@AAV0@@Z
??0OActionsStatusesFields@@QAE@XZ
??0OActionsStatusesList@@QAE@XZ
??0OActionsTypesFields@@QAE@AAV0@@Z
??0OActionsTypesFields@@QAE@XZ
??0OActionsTypesList@@QAE@XZ
??0OAdverseReactionsFields@@QAE@AAV0@@Z
??0OAdverseReactionsFields@@QAE@XZ
??0OAdverseReactionsList@@QAE@ABV0@H@Z
??0OAdverseReactionsList@@QAE@H@Z
??0OAnonymizeTreeNode@@QAE@XZ
??0OArcVolIDFields@@QAE@ABV0@@Z
??0OArcVolIDFields@@QAE@XZ
??0OArcVolIDInstanceFields@@QAE@ABV0@@Z
??0OArcVolIDInstanceFields@@QAE@XZ
??0OArcVolIDInstanceList@@QAE@XZ
??0OArcVolIDList@@QAE@XZ
??0OArchiveIDFields@@QAE@ABV0@@Z
??0OArchiveIDFields@@QAE@XZ
??0OArchiveIDList@@QAE@XZ
??0OArchiveStatusTreeNode@@QAE@XZ
??0OArchivedActiveObjectListFields@@QAE@AAV0@@Z
??0OArchivedActiveObjectListFields@@QAE@XZ
??0OArchivedActualsFields@@QAE@ABV0@@Z
??0OArchivedActualsFields@@QAE@XZ
??0OArchivedActualsList@@QAE@ABV0@H@Z
??0OArchivedActualsList@@QAE@H@Z
??0OArchivedExamFormsArray@@QAE@ABV0@@Z
??0OArchivedExamFormsArray@@QAE@ABV?$OTypedPtrArray@VOArchivedExamFormsFields@@@@@Z
??0OArchivedExamFormsArray@@QAE@XZ
??0OArchivedExamFormsFields@@QAE@ABV0@@Z
??0OArchivedExamFormsFields@@QAE@XZ
??0OArchivedExamFormsList@@QAE@XZ
??0OArchivedGuarantorFields@@QAE@AAV0@@Z
??0OArchivedGuarantorFields@@QAE@XZ
??0OArchivedHistoryActiveObjectListFields@@QAE@AAV0@@Z
??0OArchivedHistoryActiveObjectListFields@@QAE@XZ
??0OArchivedInsFields@@QAE@ABV0@@Z
??0OArchivedInsFields@@QAE@XZ
??0OArchivedInsList@@QAE@ABV0@H@Z
??0OArchivedInsList@@QAE@H@Z
??0OArchivedOrdersFields@@QAE@AAV0@@Z
??0OArchivedOrdersFields@@QAE@XZ
??0OArchivedPatientTrackingFields@@QAE@AAV0@@Z
??0OArchivedPatientTrackingFields@@QAE@XZ
??0OArchivedReasonCodeFields@@QAE@ABV0@@Z
??0OArchivedReasonCodeFields@@QAE@XZ
??0OArchivedReasonCodeList@@QAE@ABV0@H@Z
??0OArchivedReasonCodeList@@QAE@H@Z
??0OAssignedPhysTreeNode@@QAE@XZ
??0OAuditStateHistoryFields@@QAE@AAV0@@Z
??0OAuditStateHistoryFields@@QAE@XZ
??0OAuditStateHistoryFieldsList@@QAE@ABV0@H@Z
??0OAuditStateHistoryFieldsList@@QAE@H@Z
??0OAuditTrailViewFields@@QAE@AAV0@@Z
??0OAuditTrailViewFields@@QAE@XZ
??0OAuditTrailViewList@@QAE@XZ
??0OAuthorizationTreeNode@@QAE@XZ
??0OAutoQRConfigFields@@QAE@AAV0@@Z
??0OAutoQRConfigFields@@QAE@XZ
??0OAutoQRConfigFieldsList@@QAE@ABV0@H@Z
??0OAutoQRConfigFieldsList@@QAE@H@Z
??0OAutomationActionQEntry@@QAE@ABV0@@Z
??0OAutomationActionQEntry@@QAE@ABVOQEntry@@@Z
??0OAutomationActionQEntry@@QAE@XZ
??0OAutomationActionQEntyList@@QAE@XZ
??0OAutomationNotificationQEntry@@QAE@ABV0@@Z
??0OAutomationNotificationQEntry@@QAE@ABVOQEntry@@@Z
??0OAutomationNotificationQEntry@@QAE@XZ
??0OAutomationNotificationQEntyList@@QAE@XZ
??0OAvailErrorFields@@QAE@AAV0@@Z
??0OAvailErrorFields@@QAE@XZ
??0OAvailErrorList@@QAE@XZ
??0OAvailExamFields@@QAE@AAV0@@Z
??0OAvailExamFields@@QAE@XZ
??0OAvailExamFormsArray@@QAE@ABV0@@Z
??0OAvailExamFormsArray@@QAE@ABV?$OTypedPtrArray@VOAvailExamFormsFields@@@@@Z
??0OAvailExamFormsArray@@QAE@XZ
??0OAvailExamFormsFields@@QAE@ABV0@@Z
??0OAvailExamFormsFields@@QAE@XZ
??0OAvailExamFormsList@@QAE@XZ
??0OAvailExamList@@QAE@XZ
??0OAvailExamUIDMapFields@@QAE@AAV0@@Z
??0OAvailExamUIDMapFields@@QAE@XZ
??0OAvailImageFields@@QAE@ABV0@@Z
??0OAvailImageFields@@QAE@XZ
??0OAvailImageList@@QAE@XZ
??0OBackupsFields@@QAE@AAV0@@Z
??0OBackupsFields@@QAE@XZ
??0OBackupsFieldsList@@QAE@ABV0@H@Z
??0OBackupsFieldsList@@QAE@H@Z
??0OBaseEventManager@@QAE@XZ
??0OBaseQEntryIO@@QAE@ABV0@@Z
??0OBaseQEntryIO@@QAE@XZ
??0OBaseReportManagerHttpSvrGet@@QAE@ABV0@@Z
??0OBaseReportManagerHttpSvrGet@@QAE@XZ
??0OBiopsyRsltsTreeNode@@QAE@XZ
??0OBreastTasksFields@@QAE@ABV0@@Z
??0OBreastTasksFields@@QAE@XZ
??0OBreastTasksList@@QAE@XZ
??0OBreastTreeNode@@QAE@XZ
??0OCacheDeviceFields@@QAE@ABV0@@Z
??0OCacheDeviceFields@@QAE@XZ
??0OCacheDeviceList@@QAE@XZ
??0OCallStrikeOnEntry@QueueServer@@QAE@PAVODataSource@@V?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@1@Z
??0OCallStrikeOnEntry@QueueServer@@QAE@XZ
??0OCodingSubsetFields@@QAE@AAV0@@Z
??0OCodingSubsetFields@@QAE@XZ
??0OCodingSubsetList@@QAE@XZ
??0OCodingSubsetTermsFields@@QAE@AAV0@@Z
??0OCodingSubsetTermsFields@@QAE@XZ
??0OCodingSubsetTermsList@@QAE@XZ
??0OCodingTermsFields@@QAE@AAV0@@Z
??0OCodingTermsFields@@QAE@XZ
??0OCodingTermsList@@QAE@XZ
??0OCodingTermsSubsetFields@@QAE@AAV0@@Z
??0OCodingTermsSubsetFields@@QAE@XZ
??0OCodingTermsSubsetList@@QAE@XZ
??0OCopyFileInfo@@QAE@ABV0@@Z
??0OCopyFileInfo@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVOTransferObject@@H@Z
??0OCopyStatusThread@@QAE@HH@Z
??0OCopyThread@@QAE@HHH@Z
??0OCopyWorkerThread@@QAE@PAVOCopyThread@@H@Z
??0OCorrRepRStatGNamesFields@@QAE@ABV0@@Z
??0OCorrRepRStatGNamesFields@@QAE@XZ
??0OCorrRepRStatGNamesList@@QAE@XZ
??0OCountedAvailImageFields@@QAE@ABVOAvailImageFields@@@Z
??0OCountedAvailImageFields@@QAE@XZ
??0OCustomValueExamFields@@QAE@AAV0@@Z
??0OCustomValueExamFields@@QAE@XZ
??0OCustomValueExamList@@QAE@XZ
??0OCustomValueFields@@QAE@AAV0@@Z
??0OCustomValueFields@@QAE@XZ
??0OCustomValueList@@QAE@XZ
??0OCustomValuePatientFields@@QAE@AAV0@@Z
??0OCustomValuePatientFields@@QAE@XZ
??0OCustomValuePatientList@@QAE@XZ
??0ODBDataMapFields@@QAE@ABV0@@Z
??0ODBDataMapFields@@QAE@XZ
??0ODBDataMapList@@QAE@XZ
??0ODBFilter@@QAE@ABV0@@Z
??0ODBFilter@@QAE@PBV0@@Z
??0ODBFilter@@QAE@V?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0@Z
??0ODBFilterGroup@@QAE@XZ
??0ODBFilterGroupList@@QAE@XZ
??0ODBFilterTreeNode@@QAE@XZ
??0ODFTOutList@@QAE@XZ
??0ODFTOutQEntry@@QAE@ABV0@@Z
??0ODFTOutQEntry@@QAE@ABVOQEntry@@@Z
??0ODFTOutQEntry@@QAE@XZ
??0ODFTOutQueue@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@00HH@Z
??0ODFTOutQueue@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0H@Z
??0ODFTOutQueue@@QAE@PBVOQueueConfig@@@Z
??0ODICOMObject@@QAE@XZ
??0ODRMammoFields@@QAE@ABV0@@Z
??0ODRMammoFields@@QAE@XZ
??0ODRMammoList@@QAE@XZ
??0ODRUsersFields@@QAE@AAV0@@Z
??0ODRUsersFields@@QAE@XZ
??0ODRUsersFieldsList@@QAE@ABV0@H@Z

Sections

UPX0
Size: - Virtual size: 7.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 7.4MB

UPX1 Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 124KB - Virtual size: 132KB

.rsrc Size: 85KB - Virtual size: 85KB

.reloc Size: 696KB - Virtual size: 695KB

UPX0
Size: - Virtual size: 7.4MB

UPX1
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.text
Size: 4.7MB - Virtual size: 4.7MB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 124KB - Virtual size: 132KB

.rsrc
Size: 85KB - Virtual size: 85KB

.reloc
Size: 696KB - Virtual size: 695KB