BorisFX Sapphire OFX[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

BorisFX Sapphire OFX.zip
Size

216.2MB
MD5

4742588d6a98ff10d1366189eefba0f7
SHA1

118010c79d0a1eed023695ec52b3033c793e6eb4
SHA256

493ab2e222425088cdb1b3622a0421ec94cfa5a0b9cf54dee76502daec4bae03
SHA512

57dc30e717c5a10ce9c9605f4b13be357e3555192e5d6d02a2bd6adbd307af425745a78e7419824991fef167807cce88ac0e0e7e01d789b30e7d6ec050986ee6
SSDEEP

6291456:bhRzWsenRwkLYNw2UV9iGWM9icKuhgG083xin3PDwkjThikh:bzzWjnRNYNcV9PWM8cKuhR083xin/3jl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BorisFX Sapphire OFX/File/Sapphire.ofx

Files

BorisFX Sapphire OFX.zip
.zip
BorisFX Sapphire OFX/Como ativar.txt
BorisFX Sapphire OFX/File/Sapphire.ofx
.dll windows:5 windows x64 arch:x64

3228bcf040982ec08ed722478f067769

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

cufft64_42_9

cufftDestroy
cufftExecC2C
cufftPlan2d

cudart64_42_9

cudaFuncGetAttributes
cudaBindTextureToArray
cudaGetChannelDesc
cudaFreeArray
cudaFree
cudaMalloc
cudaMemset2D
cudaMemcpy2D
cudaMemcpy
cudaThreadSynchronize
cudaMemcpyToArray
cudaGraphicsUnmapResources
cudaGraphicsUnregisterResource
cudaGraphicsGLRegisterImage
cudaGraphicsMapResources
cudaGraphicsSubResourceGetMappedArray
cudaMemcpyFromArray
cudaMallocHost
cudaFreeHost
cudaMemset
cudaMemcpyAsync
__cudaUnregisterFatBinary
cudaLaunch
cudaSetupArgument
cudaConfigureCall
cudaGetLastError
__cudaRegisterFunction
__cudaRegisterFatBinary
cudaMemcpyToSymbol
__cudaRegisterVar
cudaCreateChannelDesc
cudaUnbindTexture
cudaBindTexture2D
cudaDriverGetVersion
cudaRuntimeGetVersion
cudaGetDeviceCount
cudaMallocPitch
cudaGetTextureReference
cudaGetDevice
cudaGetDeviceProperties
cudaGetErrorString
cudaMallocArray
cudaMemcpy2DToArray
__cudaRegisterTexture

kernel32

ReleaseMutex
FindClose
GetLastError
FindNextFileA
FindFirstFileA
QueryPerformanceCounter
GetSystemInfo
Sleep
TerminateProcess
OpenProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
GetFileAttributesExA
CloseHandle
GetExitCodeProcess
GetEnvironmentVariableA
OutputDebugStringA
GetModuleHandleA
GetProcAddress
GetTickCount
SwitchToThread
LocalFree
GetCurrentProcess
GetSystemTimeAsFileTime
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
DuplicateHandle
MapViewOfFileEx
FormatMessageA
SetProcessAffinityMask
GetProcessAffinityMask
GetTempPathA
GetVersionExA
TerminateThread
GetSystemDirectoryA
GetModuleFileNameA
GetCommandLineA
GetSystemDefaultLCID
GlobalFree
LoadLibraryA
SetLastError
GlobalAlloc
GetCurrentThreadId
RemoveDirectoryA
QueryPerformanceFrequency
CreateSemaphoreA
CreateMutexA
FreeLibrary
LoadLibraryExA
DeviceIoControl
CreateFileA
ReleaseSemaphore
WaitForSingleObject
ConvertThreadToFiber
SetFileAttributesW
SystemTimeToFileTime
SetErrorMode
ResumeThread
GetComputerNameExW
TlsGetValue
GetModuleFileNameW
GetProcessHeap
WriteFile
GetComputerNameW
SetThreadPriority
GetProcessTimes
GetEnvironmentVariableW
CreateFiberEx
OpenMutexA
ConvertFiberToThread
OpenSemaphoreA
GetSystemTime
FileTimeToSystemTime
FlushFileBuffers
GetWindowsDirectoryA
ExpandEnvironmentStringsA
EncodePointer
GetVersionExW
LoadLibraryW
GlobalMemoryStatus
GetStdHandle
GetFileType
GetVersion
CreateDirectoryA
WideCharToMultiByte
MultiByteToWideChar
CreateProcessA
GetVolumeInformationA
GetFileInformationByHandle
GetFileAttributesA
GetFileSize
GetFileSizeEx
GetCurrentProcessId
ExitThread
CreateFileW
LoadLibraryExW
TlsAlloc
GetDriveTypeA
SwitchToFiber
GetLocalTime
GetLogicalDrives
DeleteFiber
SearchPathA
HeapReAlloc
HeapAlloc
TlsSetValue
CreateProcessW
HeapFree
QueryDosDeviceA
DefineDosDeviceA
FindFirstFileW
FindNextFileW
DeleteCriticalSection
ResetEvent
OpenEventA
WaitForMultipleObjects
SetEvent
FlushViewOfFile
LocalAlloc
lstrcmpA
lstrlenA
MapViewOfFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
ReadFile
CreateEventA
CreateThread
DeleteFileA
SetFilePointer

user32

PostMessageA
DestroyWindow
EnableWindow
GetDesktopWindow
DialogBoxParamA
SetWindowPos
IsDlgButtonChecked
GetWindowRect
GetDlgItem
CheckDlgButton
ShowWindow
GetWindowTextA
SetDlgItemTextA
CallNextHookEx
GetForegroundWindow
SetWindowsHookExA
SetTimer
MessageBoxA
KillTimer
GetSystemMetrics
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW
UnhookWindowsHookEx
AllowSetForegroundWindow
wsprintfA
SetWindowTextA
EndDialog

advapi32

RegOpenKeyExA
AddAccessAllowedAceEx
SetSecurityDescriptorDacl
InitializeAcl
CreateWellKnownSid
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyA
RegEnumKeyExA
RegDeleteValueA
GetSecurityInfo
SetSecurityInfo
IsValidAcl
RegEnumKeyA
RegDeleteKeyA
AllocateAndInitializeSid
SetEntriesInAclA
SetNamedSecurityInfoA
FreeSid
ConvertSidToStringSidA
OpenProcessToken
GetTokenInformation
RegCreateKeyExA
RegSetValueExA
InitializeSecurityDescriptor
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

SHGetFolderPathA
ShellExecuteA
SHGetSpecialFolderPathA
ord680

ole32

CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CoUninitialize

oleaut32

SafeArrayUnaccessData
SysAllocString
SysFreeString
VariantClear
SafeArrayAccessData

comctl32

ord17

wsock32

getsockopt
connect
WSAGetLastError
socket
gethostbyname
setsockopt
bind
WSAStartup
WSACleanup
closesocket
__WSAFDIsSet
select
getservbyname
recv
send
sendto
recvfrom
getpeername
getsockname
inet_ntoa
accept
ioctlsocket

glu32

gluNewQuadric
gluQuadricDrawStyle
gluDisk
gluDeleteQuadric

opengl32

glPushAttrib
glGetFloatv
glMatrixMode
glPopClientAttrib
glBitmap
glDisable
glEnable
glLineStipple
glLineWidth
glColor3f
glEnd
glVertex2fv
glBegin
glPixelStorei
glPushClientAttrib
glRasterPos2f
glVertex2f
glGetIntegerv
glLoadMatrixf
glPopMatrix
glPopAttrib
glTranslatef
glPushMatrix
glFlush

libmmd

atanf
tanf
cos
fabs
ldexp
exp
sqrt
sqrtf
asin
frexp
acos
atan2
log10f
asinf
sin
atan
tan
log
modf
log10
__libm_sse2_sincos
cosf
sinf
acosf
fmod
__libm_sse2_sincosf
expf
atan2f
logf
fmodf
powf
ceilf
ceil
floorf
pow
floor

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo
GetIfTable

winhttp

WinHttpOpen
WinHttpGetDefaultProxyConfiguration
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser

ws2_32

shutdown
listen
getaddrinfo
WSAStringToAddressA
htons
gethostname
ntohl
freeaddrinfo

openimageio

?basesize@TypeDesc@v1_0@OpenImageIO@@QEBA_KXZ
?create@ImageCache@v1_0@OpenImageIO@@SAPEAV123@_N@Z
?make_unique@ustring@v1_0@OpenImageIO@@SAPEBDPEBD@Z
?get_float_attribute@ImageSpec@v1_0@OpenImageIO@@QEBAMAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@M@Z
?geterror@v1_0@OpenImageIO@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??1ImageSpec@v1_0@OpenImageIO@@QEAA@XZ
??0ImageSpec@v1_0@OpenImageIO@@QEAA@UTypeDesc@12@@Z
?create@ImageInput@v1_0@OpenImageIO@@SAPEAV123@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

msvcp100

?do_tolower@?$ctype@D@std@@MEBAPEBDPEADPEBD@Z
?do_tolower@?$ctype@D@std@@MEBADD@Z
?do_toupper@?$ctype@D@std@@MEBAPEBDPEADPEBD@Z
?do_toupper@?$ctype@D@std@@MEBADD@Z
?do_widen@?$ctype@D@std@@MEBAPEBDPEBD0PEAD@Z
?do_widen@?$ctype@D@std@@MEBADD@Z
?do_narrow@?$ctype@D@std@@MEBAPEBDPEBD0DPEAD@Z
?do_narrow@?$ctype@D@std@@MEBADDD@Z
?do_is@?$ctype@_W@std@@MEBAPEB_WPEB_W0PEAF@Z
?do_is@?$ctype@_W@std@@MEBA_NF_W@Z
?do_scan_is@?$ctype@_W@std@@MEBAPEB_WFPEB_W0@Z
?do_scan_not@?$ctype@_W@std@@MEBAPEB_WFPEB_W0@Z
?do_tolower@?$ctype@_W@std@@MEBAPEB_WPEA_WPEB_W@Z
?do_tolower@?$ctype@_W@std@@MEBA_W_W@Z
?do_toupper@?$ctype@_W@std@@MEBAPEB_WPEA_WPEB_W@Z
?do_toupper@?$ctype@_W@std@@MEBA_W_W@Z
?do_widen@?$ctype@_W@std@@MEBAPEBDPEBD0PEA_W@Z
?do_widen@?$ctype@_W@std@@MEBA_WD@Z
?do_narrow@?$ctype@_W@std@@MEBAPEB_WPEB_W0DPEAD@Z
?do_narrow@?$ctype@_W@std@@MEBAD_WD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
??_7ctype_base@std@@6B@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
?do_unshift@?$codecvt@_WDH@std@@MEBAHAEAHPEAD1AEAPEAD@Z
?do_out@?$codecvt@_WDH@std@@MEBAHAEAHPEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?do_in@?$codecvt@_WDH@std@@MEBAHAEAHPEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?do_max_length@?$codecvt@_WDH@std@@MEBAHXZ
?do_always_noconv@?$codecvt@_WDH@std@@MEBA_NXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
?_Decref@facet@locale@std@@QEAAPEAV123@XZ
?do_length@?$codecvt@_WDH@std@@MEBAHAEBHPEBD1_K@Z
?do_encoding@codecvt_base@std@@MEBAHXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$ctype@D@std@@2V0locale@2@A
_FInf
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$ctype@_W@std@@2V0locale@2@A
_Getctype
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7?$codecvt@_WDH@std@@6B@
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??_7?$ctype@D@std@@6B@
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z
??_7ios_base@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1_Mutex@std@@QEAA@XZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
?_Xlength_error@std@@YAXPEBD@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
?_Locinfo_dtor@_Locinfo@std@@SAXPEAV12@@Z
_Getcvt
?_Locinfo_ctor@_Locinfo@std@@SAXPEAV12@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_BADOFF@std@@3_JB
??_7?$ctype@_W@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Id_cnt@id@locale@std@@0HA
?_Init@locale@std@@CAPEAV_Locimp@12@XZ
??0_Mutex@std@@QEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?iostream_category@std@@YAAEBVerror_category@1@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?endl@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@1@AEAV21@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
?init@?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAAXPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@_N@Z
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?_Xfunc@tr1@std@@YAXXZ

msvcr100

_dupenv_s
wcsncat_s
_wgetenv_s
_ltow_s
_splitpath_s
towlower
_stricmp
_wcsicmp
_strdup
wcstok_s
swscanf_s
_fullpath
sscanf_s
strtok_s
_chmod
strtok
strspn
strpbrk
strcmp
strcat
strrchr
_fstat64i32
_mktemp
_mkdir
_wfopen
_getcwd
_chsize
_open
_locking
_wgetenv
_vsnwprintf
vfprintf
memcmp
_wstat64i32
_setmode
_endthreadex
_getpid
_close
_read
_write
_fileno
_chdir
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
_fstat32
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__clean_type_info_names_internal
_mbsupr
_iob
mbtowc
_findclose
_wunlink
_wfindfirst64
_lseek
_wmkdir
_wfindnext64
_wrmdir
_wremove
_wopen
_wrename
_time32
_ctime32
_mktime32
_wstat32
fopen_s
free
tolower
??0exception@std@@QEAA@AEBQEBDH@Z
sprintf
malloc
_CxxThrowException
sscanf
??1exception@std@@UEAA@XZ
??3@YAXPEAX@Z
??_V@YAXPEAX@Z
??2@YAPEAX_K@Z
__CxxFrameHandler3
??0exception@std@@QEAA@AEBQEBD@Z
localeconv
memmove
strstr
isspace
exit
printf
fseek
ftell
getc
atoi
getenv
perror
fclose
strerror
_errno
fopen
strtol
??0exception@std@@QEAA@AEBV01@@Z
_copysign
_stat64i32
_localtime64
_time64
_ftime64
_spawnle
fwrite
_lock_file
_unlock_file
fputc
ungetc
memcpy_s
fgetc
fgetpos
_fseeki64
fsetpos
setvbuf
fflush
fread
_unlink
realloc
fprintf
fputs
atol
toupper
isalnum
isprint
wcslen
fputwc
fgetwc
qsort
_setjmp
isdigit
longjmp
puts
__iob_func
fgets
ungetwc
_purecall
_putenv
_vsnprintf
sprintf_s
??0exception@std@@QEAA@XZ
_gmtime64
ferror
rand
feof
putchar
srand
_vscprintf
isalpha
isupper
islower
_snprintf
asctime
wcstombs
wcschr
mbstowcs
vsprintf
strncpy
__C_specific_handler
_beginthreadex
putc
rename
_ctime64
??0bad_cast@std@@QEAA@AEBV01@@Z
??1bad_cast@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
memcpy
abs
strlen
memset
strncat
??0bad_cast@std@@QEAA@PEBD@Z
remove
tmpfile
strncmp
strcpy
abort
_HUGE
freopen
clock
strcoll
_popen
isxdigit
clearerr
_ftelli64
_pclose
strftime
_difftime64
system
setlocale
_mktime64
tmpnam
memchr
iscntrl
isgraph
ispunct
strtod
_mbsnbcpy
rand_s
iswctype
towupper
strchr
wcsstr
wcsrchr
_wcsnicmp
wcscpy_s
_snwprintf_s
_vswprintf_c_l
swprintf_s
wcscspn
strcpy_s
strncpy_s
wcsncpy_s
strcat_s
wcscat_s
mbstowcs_s
wcstombs_s

Exports

Exports

??0SapphireAbortException@@QEAA@HPEBDHH@Z
??0SapphireParam@@QEAA@AEBV0@@Z
??0SapphireParam@@QEAA@PEBDW4param_type@@EMMMMMQEAMW4screen_mode@@H@Z
??0SapphireParam@@QEAA@PEBDW4param_type@@EMMMQEAMH@Z
??0SapphireParam@@QEAA@W4param_type@@PEBD@Z
??0SapphireParam@@QEAA@XZ
??0ShmemManager@IPC@Sapphire@@QEAA@AEBV012@@Z
??0ShmemManager@IPC@Sapphire@@QEAA@XZ
??0ShmemTransport@IPC@Sapphire@@QEAA@QEAXAEAVCircularQueueIndices@12@AEAVinterprocess_mutex@interprocess@boost@@AEAVinterprocess_condition@56@23012323PEAVShmemHeader@12@@Z
??1SapphireAbortException@@QEAA@XZ
??1SapphireParam@@UEAA@XZ
??1ShmemManager@IPC@Sapphire@@QEAA@XZ
??4MemoryCheck@@QEAAAEAV0@AEBV0@@Z
??4SapphireAbortException@@QEAAAEAV0@AEBV0@@Z
??4SapphireParam@@QEAAAEAV0@AEBV0@@Z
??4ShmemManager@IPC@Sapphire@@QEAAAEAV012@AEBV012@@Z
??_7SapphireParam@@6B@
??_FSapphireAbortException@@QEAAXXZ
??_UMemoryCheck@@CAPEAX_K@Z
??_VMemoryCheck@@CAXPEAX@Z
??_VSapphireParam@@CAXPEAX@Z
?clamp_values@SapphireParam@@QEAAXPEAURenderContext@@@Z
?clear@SapphireParam@@AEAAXXZ
?client_pid_exists@ShmemTransport@IPC@Sapphire@@QEAA_NXZ
?clone@SapphireParam@@QEAAPEAV1@XZ
?clone_host_properties@SapphireParam@@UEAAXPEBV1@@Z
?clone_impl@SapphireParam@@MEAAPEAV1@XZ
?commit@ShmemTransport@IPC@Sapphire@@QEAA_NXZ
?connect@ShmemManager@IPC@Sapphire@@SAPEAVShmemTransport@23@QEBD@Z
?connect_impl@ShmemManager@IPC@Sapphire@@IEAAPEAVShmemTransport@23@QEBD_N_K2@Z
?create_shmem@ShmemManager@IPC@Sapphire@@IEAAPEAVwindows_shared_memory@interprocess@boost@@QEBD_N_K2@Z
?create_transport@ShmemManager@IPC@Sapphire@@IEAAPEAVShmemTransport@23@PEAVmapped_region@interprocess@boost@@_N@Z
?destroy_mapped_region@ShmemManager@IPC@Sapphire@@IEAA_NPEAVmapped_region@interprocess@boost@@_N@Z
?destroy_shmem_obj@ShmemManager@IPC@Sapphire@@IEAAXPEAVwindows_shared_memory@interprocess@boost@@_N11@Z
?format@SapphireParam@@UEAA?AW4const_format_tag@@XZ
?get_abort_type@SapphireAbortException@@QEAAHXZ
?get_canonical_name@SapphireParam@@QEAAPEBDXZ
?get_error_code@SapphireAbortException@@QEAAHXZ
?get_fast@ShmemTransport@IPC@Sapphire@@QEAA_NXZ
?get_last_error@ShmemTransport@IPC@Sapphire@@QEAA?AW4ShmemError@23@XZ
?get_server_pid@ShmemTransport@IPC@Sapphire@@QEAAHXZ
?get_value@SapphireParam@@QEAAMHPEAURenderContext@@@Z
?get_value_from_buttons@SapphireParam@@MEAA_NPEAURenderContext@@@Z
?get_value_nosync@SapphireParam@@QEAAMH@Z
?get_value_object@SapphireParam@@QEAAPEAXPEAURenderContext@@@Z
?get_value_object_nosync@SapphireParam@@UEAAPEAXXZ
?init@SapphireParam@@AEAAXPEBDW4param_type@@EMMMMMQEAMW4screen_mode@@H@Z
?init@SapphireParam@@AEAAXXZ
?instance@ShmemManager@IPC@Sapphire@@1PEAV123@EA
?is_segment_valid@ShmemTransport@IPC@Sapphire@@QEAA_NXZ
?maybe_set_to_old_default@SapphireParam@@UEAA_NPEAURenderContext@@MI@Z
?needs_old_default@SapphireParam@@QEAA_NM@Z
?notify_reader@ShmemTransport@IPC@Sapphire@@IEAAXXZ
?notify_writer@ShmemTransport@IPC@Sapphire@@IEAAXXZ
?numeric_p@SapphireParam@@UEAA_NXZ
?print_stats@ShmemTransport@IPC@Sapphire@@QEAAXXZ
?ptype_name@SapphireParam@@QEBAPEBDXZ
?read@ShmemTransport@IPC@Sapphire@@QEAA_KPEAPEAXPEAPEAUMessageHeader_t@23@@Z
?read_and_retry@ShmemTransport@IPC@Sapphire@@QEAA_KPEAPEAXMPEAPEAUMessageHeader_t@23@@Z
?release@SapphireParam@@QEAA_NXZ
?remove@ShmemTransport@IPC@Sapphire@@QEAA_NXZ
?reserve@ShmemTransport@IPC@Sapphire@@QEAAPEAX_KQEBD@Z
?reset@ShmemManager@IPC@Sapphire@@SAXQEBD_N@Z
?reset_all@ShmemManager@IPC@Sapphire@@SAX_N@Z
?reset_all_impl@ShmemManager@IPC@Sapphire@@IEAAX_N@Z
?reset_impl@ShmemManager@IPC@Sapphire@@IEAAXQEBD_N@Z
?retain@SapphireParam@@QEAAXXZ
?serve@ShmemManager@IPC@Sapphire@@SAPEAVShmemTransport@23@QEBD_K1@Z
?set_canonical_name@SapphireParam@@QEAAXPEBD@Z
?set_fast@ShmemTransport@IPC@Sapphire@@QEAAX_N@Z
?set_to_default@SapphireParam@@UEAA_NPEAURenderContext@@I@Z
?set_value@SapphireParam@@UEAAHPEAURenderContext@@HMI@Z
?set_value_from_json@SapphireParam@@UEAAHPEAURenderContext@@PEAUcJSON@@I@Z
?set_value_from_string@SapphireParam@@UEAAHPEAURenderContext@@PEBDI@Z
?set_values@SapphireParam@@UEAAHPEAURenderContext@@HHQEAMI@Z
?shmem_error_to_string@IPC@Sapphire@@YAPEBDW4ShmemError@12@@Z
?timed_read@ShmemTransport@IPC@Sapphire@@QEAA_KPEAPEAXMPEAPEAUMessageHeader_t@23@@Z
?timed_reserve@ShmemTransport@IPC@Sapphire@@QEAAPEAX_KMQEBD@Z
?timed_write@ShmemTransport@IPC@Sapphire@@QEAA_NQEBX_KMQEBD@Z
?timed_write_string@ShmemTransport@IPC@Sapphire@@QEAA_NQEBDM0@Z
?to_json@SapphireParam@@UEAAPEAUcJSON@@PEAURenderContext@@_N@Z
?to_string@SapphireParam@@UEAAPEADPEAURenderContext@@_N@Z
?to_string_const@SapphireParam@@QEAAPEBDPEAURenderContext@@_N@Z
?try_read@ShmemTransport@IPC@Sapphire@@QEAA_KPEAPEAXPEAPEAUMessageHeader_t@23@@Z
?try_reserve@ShmemTransport@IPC@Sapphire@@QEAAPEAX_KQEBD@Z
?try_write@ShmemTransport@IPC@Sapphire@@QEAA_NQEBX_KQEBD@Z
?try_write_string@ShmemTransport@IPC@Sapphire@@QEAA_NQEBD0@Z
?update@SapphireParam@@QEAAXPEAURenderContext@@@Z
?update_ui@SapphireParam@@UEAAXPEAURenderContext@@@Z
?valid_with_inputs@SapphireParam@@QEAA_NI_N@Z
?write@ShmemTransport@IPC@Sapphire@@QEAA_NQEBX_KQEBD@Z
?write_string@ShmemTransport@IPC@Sapphire@@QEAA_NQEBD0@Z
FoundryOfxAllowPluginUnload
OfxGetNumberOfPlugins
OfxGetPlugin
S_set_err_handler
Sapphire_version_name
Sapphire_version_num
free_sapphire_effect
free_sapphire_ipc_shmemtransport
generate_all_sapphire_effect_params
get_bfx_api_name
get_bfx_lic_version
get_bfx_productline_feature
get_bfx_productline_name
get_n_sapphire_builder_effects
get_n_sapphire_effects
get_sapphire_build_id
get_sapphire_builder_info_i
get_sapphire_plugin_info_i
get_sapphire_version_info
init_sapphire_effect
init_sapphire_effect_from_string
make_sapphire_raster_info
render_sapphire_effect_to_native_image
render_sapphire_lensflare_to_native_image
replace_sapphire_with_productline
sapphire_abort_render
sapphire_any_nodes_get_flag
sapphire_clear_abort
sapphire_comp_bgra_8
sapphire_convert_to_bgra_8
sapphire_effect_is_time_varying
sapphire_find_pinfo_for_effect
sapphire_free_all_flare_textures
sapphire_free_all_stamp_collections
sapphire_free_check_fun
sapphire_get_flare_texture_error
sapphire_get_fromfile_popup_names
sapphire_get_native_image_dims
sapphire_get_param_bounds2
sapphire_get_param_title
sapphire_get_resized_image_size
sapphire_get_texture_info
sapphire_get_texture_pixels
sapphire_load_flare_texture
sapphire_malloc_copy_string_func
sapphire_register_flare_texture
sapphire_resize_native_image
sapphire_shutdown_apps
set_bfx_api_name
set_bfx_lic_version
set_bfx_productline_feature
set_bfx_productline_name
set_sapphire_luts
version_warning_printed

Sections

.text
Size: 14.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 814KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nv_fatb
Size: 19.0MB - Virtual size: 19.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BorisFX Sapphire OFX/Setup.exe
.exe windows:1 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3e:06:93:c7:56:88:dd:c6:37:a7:1b:df:af:e6:0b:f1
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

11-12-2018 00:00

Not After

21-12-2019 23:59

Subject

CN=ARTEL SOFTWARE CORPORATION,O=ARTEL SOFTWARE CORPORATION,L=Boston,ST=Massachusetts,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d2:60:31:27:9c:7e:72:1b:03:4c:f3:fd:28:67:3d:b8:b7:10:c3:6d
Signer

Actual PE Digest

d2:60:31:27:9c:7e:72:1b:03:4c:f3:fd:28:67:3d:b8:b7:10:c3:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BorisFX Sapphire OFX/Win64.lnk
.lnk
BorisFX Sapphire OFX/lib64.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

3228bcf040982ec08ed722478f067769

Headers

DLL Characteristics

File Characteristics

Imports

cufft64_42_9

cudart64_42_9

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

wsock32

glu32

opengl32

libmmd

iphlpapi

winhttp

ws2_32

openimageio

msvcp100

msvcr100

Exports

Exports

Sections

.text Size: 14.7MB - Virtual size: 14.7MB

.rdata Size: 4.4MB - Virtual size: 4.4MB

.data Size: 814KB - Virtual size: 1.8MB

.pdata Size: 390KB - Virtual size: 390KB

.data1 Size: 342KB - Virtual size: 341KB

.nv_fatb Size: 19.0MB - Virtual size: 19.0MB

.nvFatBi Size: 1024B - Virtual size: 648B

_RDATA Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 207KB - Virtual size: 206KB

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

3e:06:93:c7:56:88:dd:c6:37:a7:1b:df:af:e6:0b:f1Certificate

Extended Key Usages

Key Usages

d2:60:31:27:9c:7e:72:1b:03:4c:f3:fd:28:67:3d:b8:b7:10:c3:6dSigner

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 40KB - Virtual size: 40KB

DATA Size: 1024B - Virtual size: 592B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 14.7MB - Virtual size: 14.7MB

.rdata
Size: 4.4MB - Virtual size: 4.4MB

.data
Size: 814KB - Virtual size: 1.8MB

.pdata
Size: 390KB - Virtual size: 390KB

.data1
Size: 342KB - Virtual size: 341KB

.nv_fatb
Size: 19.0MB - Virtual size: 19.0MB

.nvFatBi
Size: 1024B - Virtual size: 648B

_RDATA
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 207KB - Virtual size: 206KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

3e:06:93:c7:56:88:dd:c6:37:a7:1b:df:af:e6:0b:f1
Certificate

d2:60:31:27:9c:7e:72:1b:03:4c:f3:fd:28:67:3d:b8:b7:10:c3:6d
Signer

CODE
Size: 40KB - Virtual size: 40KB

DATA
Size: 1024B - Virtual size: 592B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 15KB - Virtual size: 14KB