catia_v5r19sp2_x32_crk.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s6232.chomikuj.pl and multiple other hosts.
MD5:
ac7ccfd79d110c04ea28f1d99b5cb2af

SHA-1:
f6a3d33975a230ce9fe357c5f127d0bbd1daafe3

SHA-256:
f5d31fd23d8fe1e9f43231b65fe13ab9adc9eedeb86a25f6db9b9094d5e00296

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/15/2024 3:56:15 AM UTC  (today)

Scan engine             Detection             Engine version
Norman                  Suspicious_Gen2.DIGX  11.20140205
Sophos                  Patch Crack           4.96
Trend Micro House Call  TROJ_SPNR.08C912      7.2.36
Trend Micro             TROJ_SPNR.08C912      10.465.05

File size:
17.6 KB (18,059 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\catia v5r19\dassault systemes catia p2 v5r19 sp2 x86\patches for sp0 and sp2\catia_v5r19sp2_x32_crk.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
384:pLDTs8hsF6qtK8lzQ8+Sych3mYvCPHx+Fn:pLXVhaTtDE8VfCPHx+Fn

Entry address:
0xF000

Entry point:
60, E8, 00, 00, 00, 00, 83, CD, FF, 31, DB, 5E, 8D, BE, FA, 1F, FF, FF, 57, 66, 81, 87, 00, 00, 00, 00, 00, 00, 81, C6, B3, 01, 00, 00, EB, 0A, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 77, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 67, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75...
 

Packer / compiler:
UPX v0.71 - v0.72

Code size:
4 KB (4,096 bytes)

The file catia_v5r19sp2_x32_crk.exe has been seen being distributed by the following 2 URLs.

http://s6232.chomikuj.pl/File.aspx?e=Qu9Dr3YGbcvsbYBdCwGX8d1pnkdqDx_FoxOL75EaLxndMJ5GT5y-HltYtRvtt5Zzx-hkmjBM-uFxuAoy1urbRnbIdCo_To-_zl2YfGmC_-YRZfdpnlvL1oAGrpEsBG-wqj2q4hWTFjnzruXUgV9_20eJfD4Y8a6rQKsnurphL_0&pv=2
