catia_v5r19sp2_x32_crk.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s6232.chomikuj.pl and multiple other hosts.
MD5:
ac7ccfd79d110c04ea28f1d99b5cb2af

SHA-1:
f6a3d33975a230ce9fe357c5f127d0bbd1daafe3

SHA-256:
f5d31fd23d8fe1e9f43231b65fe13ab9adc9eedeb86a25f6db9b9094d5e00296

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 1:43:03 AM UTC  (today)

Scan engine
Detection
Engine version

Norman
Suspicious_Gen2.DIGX
11.20140205

Sophos
Patch Crack
4.96

Trend Micro House Call
TROJ_SPNR.08C912
7.2.36

Trend Micro
TROJ_SPNR.08C912
10.465.05

File size:
17.6 KB (18,059 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\catia v5r19\dassault systemes catia p2 v5r19 sp2 x86\patches for sp0 and sp2\catia_v5r19sp2_x32_crk.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
384:pLDTs8hsF6qtK8lzQ8+Sych3mYvCPHx+Fn:pLXVhaTtDE8VfCPHx+Fn

Entry address:
0xF000

Entry point:
60, E8, 00, 00, 00, 00, 83, CD, FF, 31, DB, 5E, 8D, BE, FA, 1F, FF, FF, 57, 66, 81, 87, 00, 00, 00, 00, 00, 00, 81, C6, B3, 01, 00, 00, EB, 0A, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 77, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 67, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75...
 
[+]

Packer / compiler:
UPX v0.71 - v0.72

Code size:
4 KB (4,096 bytes)

The file catia_v5r19sp2_x32_crk.exe has been seen being distributed by the following 2 URLs.

http://s6232.chomikuj.pl/File.aspx?e=Qu9Dr3YGbcvsbYBdCwGX8d1pnkdqDx_FoxOL75EaLxndMJ5GT5y-HltYtRvtt5Zzx-hkmjBM-uFxuAoy1urbRnbIdCo_To-_zl2YfGmC_-YRZfdpnlvL1oAGrpEsBG-wqj2q4hWTFjnzruXUgV9_20eJfD4Y8a6rQKsnurphL_0&pv=2

Scan catia_v5r19sp2_x32_crk.exe - Powered by Reason Core Security