d646993b90c40f1719cd89c1cdf596a3848c7d363fb7f8083e173e93b70cfe6f

Sharing

Copy URL Twitter E-mail

General

Target

d646993b90c40f1719cd89c1cdf596a3848c7d363fb7f8083e173e93b70cfe6f
Size

261KB
MD5

bb3a49aab2241c75f48c55674a737eb8
SHA1

fe00e50f929adbb81d0a34c1b73a46501462e904
SHA256

d646993b90c40f1719cd89c1cdf596a3848c7d363fb7f8083e173e93b70cfe6f
SHA512

31bc38a7683a4517d8248c78a033876387d2d00daa59ecd4559334a56089bbe1db160e1e8dc47ea282da4284efca99b0fa57d5a96c108418b91d6bcc6d42c176
SSDEEP

6144:4XJo3sGiyLcTtPazy/rghD83QDUiDK5VFJeVOTl7lFLM:YJobiyLMFazy/ENEQQiDCF0ATNo

Score

N/A

Malware Config

Signatures

Files

d646993b90c40f1719cd89c1cdf596a3848c7d363fb7f8083e173e93b70cfe6f
.rar
热油炉软件更新-V2.0/HotOilTester.exe
.exe windows x86

b1df779cdcb7afa9620cf02dc7fb0c6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

cvirte

CmtNewTSQ
CmtNewTSV
CmtNewThreadLocalVar
CmtNewThreadPool
CmtPreAllocThreadPoolThreads
CmtReadTSQData
CmtReleaseLock
CmtReleaseTSQReadPtr
CmtReleaseTSQWritePtr
CmtReleaseTSVPtr
CmtReleaseThreadPoolFunctionID
CmtScheduleThreadPoolFunction
CmtScheduleThreadPoolFunctionAdv
CmtSetCurrentThreadPriority
CmtSetTSQAttribute
CmtSetTSV
CmtSetThreadPoolAttribute
CmtTerminateThreadPoolThread
CmtTryToGetLock
CmtUninstallTSQCallback
CmtUninstallThreadPoolCallback
CmtWaitForThreadPoolFunctionCompletion
CmtWaitForThreadPoolFunctionCompletionEx
CmtWriteTSQData
ColorRGBSelectPopup
ComBreak
ComFromFile
ComRd
ComRdByte
ComRdTerm
ComSetEscape
ComToFile
ComWrt
ComWrtByte
CommitChangesToRTSystem
CompareBytes
CompareCVIAbsoluteTimes
CompareCVIAbsoluteTimesWithTolerance
CompareCVITimeIntervals
CompareCVITimeIntervalsWithTolerance
CompareStrings
ConfigurePrinter
ConfigureProcessorPool
ConfirmPopup
ConnectToDDEServer
ConnectToTCPServer
ConnectToTCPServerEx
ConvertUICoordinates
CopyBytes
CopyString
CopyTabPage
CopyTreeItem
CreateMetaFont
CreateMetaFontEx
CreateMetaFontWithCharacterSet
CreateRTSystemImage
CreateUDPChannel
CreateUDPChannelConfig
CurrThreadId
DOSColorToRGB
DOSCompatWindow
DSBindCtrl
DSBindPlot
DSBindTableCellRange
DSGetBoundPlotID
DSUnbind
DateStr
DebugPrintf
DecrementCVIAbsoluteTime
DecrementCVITimeInterval
DefaultCtrl
DefaultPanel
Delay
DeleteAxisItem
DeleteCtrlArrayItem
DeleteDir
DeleteGraphAnnotation
DeleteGraphPlot
DeleteImage
DeleteListItem
DeleteStatusBarCellListItem
DeleteTabPage
DeleteTableCellRangeRingItems
DeleteTableCellRingItems
DeleteTableColumns
DeleteTableRows
DeleteTextBoxLine
DeleteTextBoxLines
DeleteTreeCellRingItems
DeleteTreeColumn
DirSelectPopup
DirSelectPopupEx
DisableBreakOnLibraryErrors
DisableInterrupts
DisableLoadExternalModuleUndefSymPrompt
DisableTaskSwitching
DiscardAllUserInterfaceObjects
DiscardBitmap
DiscardCtrl
DiscardCtrlArray
DiscardCtrlMenuItem
DiscardMenu
DiscardMenuBar
DiscardMenuItem
DiscardNumericColorRamp
DiscardPanel
DiscardStatusBar
DiscardStatusBarCell
DiscardSubMenu
DisconnectFromDDEServer
DisconnectFromTCPServer
DisconnectTCPClient
DisplayImageFile
DisplayPCXFile
DisplayPanel
DisposeAllUDPChannels
DisposeRTSystemInfo
DisposeUDPChannel
DivideCVITimeInterval
DuplicateBitmap
DuplicateCtrl
DuplicatePanel
DuplicatePanelTree
EmptyMenu
EmptyMenuBar
EnableBreakOnLibraryErrors
EnableEventQueuing
EnableEventQueuingForPanel
EnableInterrupts
EnablePrivateEventsForPanel
EnableTaskSwitching
EnterAsyncCallback
ErrorPrintf
ExecutableHasTerminated
ExitAsyncCallback
FakeKeystroke
FileSelectPopup
FileSelectPopupEx
FileToArray
FillBytes
FillTableCellRange
FindAllRTSystemsOnSubnet
FindPattern
FlushInQ
FlushOutQ
Fmt
FmtFile
FmtOut
FontSelectPopup
FontSelectPopupEx
FormatDateTimeString
FormatRTSystem
FreeRTUtilMemory
FreeTableValStrings
GenericMessagePopup
Get387CW
Get3dBorderColors
GetActiveCtrl
GetActiveGraphCursor
GetActiveLegendItem
GetActivePanel
GetActiveStatusBar
GetActiveTabPage
GetActiveTableCell
GetActiveTreeCell
GetActiveTreeItem
GetActiveXCtrlFromObjHandle
GetAllTCPHostAddresses
GetAnnotationAttribute
GetAnnotationIndexFromCaption
GetAxisItem
GetAxisItemLabelLength
GetAxisRange
GetAxisScalingMode
GetAxisTimeFormat
GetBitmapData
GetBitmapDataEx
GetBitmapFromFile
GetBitmapFromFileEx
GetBitmapFromHIcon
GetBitmapInfo
GetBitmapInfoEx
GetBreakOnFirstChanceExceptions
GetBreakOnLibraryErrors
GetBreakOnProtectionErrors
GetCVILogOutputFormat
GetCVILogReportingLevels
GetCVILogTimingHandle
GetCVIVersion
GetCVIVersionYear
GetCVIWindowHandle
GetCVIWindowHandleForCurrThread
GetCheckedItemAreaWidth
GetComConnectionState
GetComLineStatus
GetComStat
GetCtrlArrayBoundingRect
GetCtrlArrayFromResourceID
GetCtrlArrayIndex
GetCtrlArrayItem
GetCtrlArrayPanel
GetCtrlAttribute
GetCtrlBitmap
GetCtrlBoundingRect
GetCtrlDisplayBitmap
GetCtrlIndex
GetCtrlMenuAttribute
GetCtrlVal
GetCtrlValString
GetCurrentCVIAbsoluteTime
GetCurrentDateTime
GetCurrentPlatform
GetCursorAttribute
GetDDEErrorString
GetDateTimeElements
GetDir
GetDrive
GetEnableResourceTracking
GetExportedNamesFromBinaryFile
GetExternalModuleAddr
GetExternalModuleAddrEx
GetFileAttrs
GetFileDate
GetFileInfo
GetFilePopupDirHistory_WithAlloc
GetFirstFile
GetFmtErrNdx
GetFmtIOError
GetFmtIOErrorString
GetFontTypefaceName
GetFontTypefaceNameLength
GetFullPathFromProject
GetGlobalMouseState
GetGraphCoordsFromPoint
GetGraphCursor
GetGraphCursorIndex
GetHostTCPSocketHandle
GetImageBits
GetImageInfo
GetInQLen
GetIndexFromPoint
GetIndexFromValue
GetInstalledFileVersion
GetInstalledFilenames
GetInterruptState
GetKey
GetKeyPressEventCharacter
GetKeyPressEventModifiers
GetKeyPressEventVirtualKey
GetLabelFromIndex
GetLabelLengthFromIndex
GetLedState
GetLegendItemFromPoint
GetListItemImage
GetMainCallback
GetMenuBarAttribute
GetMenuId
GetMenuIdByString
GetMenuItemId
GetMenuItemIdByString
GetModuleDir
GetMonitorAttribute
GetMonitorFromPanel
GetMonitorFromPoint
GetMonitorFromRect
GetMouseCursor
GetNextFile
GetNumAxisItems
GetNumCheckedItems
GetNumCtrlArrayItems
GetNumImagesInFile
GetNumLegendItems
GetNumListItems
GetNumMenuItems
GetNumTabPages
GetNumTableCellRingItems
GetNumTableColumns
GetNumTableRows
GetNumTextBoxLines
GetNumTreeCellRingItems
GetNumTreeColumns
GetNumTreeItems
GetNumericColorRamp
GetObjHandleFromActiveXCtrl
GetOutQLen
GetOwnerOfMenuObject
GetPanelAttribute
GetPanelDisplayBitmap
GetPanelEventRect
GetPanelHandleFromTabPage
GetPanelMenuBar
GetPersistentVariable
GetPlotAttribute
GetPrintAttribute
GetProjectDir
GetRS232ErrorString
GetRTFileAPIErrorString
GetRTModuleAddr
GetRTSystemInfo
GetRTUtilErrorString
GetRealFontTypefaceName
GetRealFontTypefaceNameLength
GetRelativeMouseState
GetRingItemAttribute
GetScaledCtrlDisplayBitmap
GetScaledPanelDisplayBitmap
GetScalingFactorsForPrintJob
GetScreenSize
GetSharedMenuBarEventPanel
GetSleepPolicy
GetStatusBarAndCellIndexFromCtrl
GetStatusBarAttribute
GetStatusBarCellAttribute
GetStatusBarCellBitmap
GetStatusBarCellListIndex
GetStatusBarCellNumListItems
GetStatusBarCellVal
GetStdioPort
GetStdioWindowOptions
GetStdioWindowPosition
GetStdioWindowSize
GetStdioWindowVisibility
GetSubMenuId
GetSwitchState
GetSystemAttribute
GetSystemComHandle
GetSystemDate
GetSystemPopupsAttribute
GetTCPErrorString
GetTCPHostAddr
GetTCPHostConnectionAddr
GetTCPHostName
GetTCPPeerAddr
GetTCPPeerName
GetTCPSystemErrorString
GetTabPageAttribute
GetTabPageFromPoint
GetTableCellAttribute
GetTableCellFromPoint
GetTableCellFromValue
GetTableCellRangeRect
GetTableCellRangeVals
GetTableCellRingIndexFromValue
GetTableCellRingItemAttribute
GetTableCellRingValueFromIndex
GetTableCellRingValueLengthFromIndex
GetTableCellVal
GetTableCellValLength
GetTableColumnAttribute
GetTableColumnFromLabel
GetTableRowAttribute
GetTableRowFromLabel
GetTableSelection
GetTextBoxLine
GetTextBoxLineIndexFromOffset
GetTextBoxLineLength
GetTextBoxLineOffset
GetTextDisplaySize
GetThreadLocalErrorStringBuffer
GetTimeUS
GetTimerTickData
GetTraceAttribute
GetTreeCellAttribute
GetTreeCellRingIndexFromValue
GetTreeCellRingItemAttribute
GetTreeCellRingValueFromIndex
GetTreeCellRingValueLengthFromIndex
GetTreeColumnAttribute
GetTreeItem
GetTreeItemAttribute
GetTreeItemFromLabel
GetTreeItemFromTag
GetTreeItemFromValue
GetTreeItemLevel
GetTreeItemNumChildren
GetTreeItemNumDescendents
GetTreeItemParent
GetTreeItemPath
GetTreeItemPathLength
GetTreeItemTag
GetUDPAttribute
GetUDPErrorString
GetUDPSocketHandle
GetUILErrorString
GetUserBitmapFromText
GetUserEvent
GetValidatedPrintAttribute
GetValueFromIndex
GetValueLengthFromIndex
GetWaitCursorState
GetWindowDisplaySetting
HideBuiltInCtrlMenuItem
HidePanel
InStandaloneExecutable
IncrementCVIAbsoluteTime
IncrementCVITimeInterval
InitCVIRTDll
InsertAxisItem
InsertCtrlArrayItem
InsertListItem
InsertPanelAsTabPage
InsertSeparator
InsertStatusBarCellListItem
InsertTabPage
InsertTableCellRangeRingItem
InsertTableCellRingItem
InsertTableColumns
InsertTableRows
InsertTextBoxLine
InsertTreeCellRingItem
InsertTreeColumn
InsertTreeItem
InstallComCallback
InstallCtrlCallback
InstallMainCallback
InstallMenuCallback
InstallMenuDimmerCallback
InstallMenuDimmerCallbackEx
InstallPanelCallback
InstallPopup
InstallPopupPanel
InstallRTFileToCVIDir
IsListItemChecked
IsRegisteredRTStartupDLL
IsSpecificRTFileAPIErrorCode
IsTreeItemExposed
KeyHit
KeyPressEventIsLeadByte
KeyPressEventIsTrailByte
LaunchExecutable
LaunchExecutableEx
LoadExternalModule
LoadExternalModuleEx
LoadMenuBar
LoadMenuBarEx
LoadPanel
LoadPanelEx
LoadRTModule
LockRTSystem
MainThreadId
MakeApplicationActive
MakeColor
MakeDateTime
MakeDir
MakePathname
MakePoint_8STRCTEAXEDX_
MakeRect
MakeTreeItemVisible
MapPhysicalMemory
MenuIsOpen
MessagePopup
MinimizeAllWindows
MoveCtrlArray
MoveTabPage
MoveTreeItem
MultiFileSelectPopupEx_WithAlloc
MultiFileSelectPopup_WithAlloc
MultiplyCVITimeInterval
NIWatchdog_Acknowledge
NIWatchdog_AddResetAction
NIWatchdog_AddTriggerAction
NIWatchdog_Clear
NIWatchdog_ClearOutputs
NIWatchdog_Close
NIWatchdog_Configure
NIWatchdog_Disable
NIWatchdog_Enable
NIWatchdog_GetAttribute
NIWatchdog_Open
NIWatchdog_Reset
NIWatchdog_SetAttribute
NIWatchdog_Start
NIWatchdog_Whack
NewActiveXCtrl
NewActiveXCtrlFromFile
NewActiveXCtrlFromPersistence
NewBitmap
NewBitmapEx
NewCtrl
NewCtrlArray
NewCtrlMenuItem
NewCtrlMenuSeparator
NewMenu
NewMenuBar
NewMenuItem
NewPanel
NewStatusBar
NewStatusBarCell
NewSubMenu
NumFmtdBytes
OpenCom
OpenComConfig
OperateSplitter
PlotArc
PlotBitmap
PlotDigitalLines
PlotDigitalLinesMultiBus
PlotIntensity
PlotLine
PlotOval

kernel32

CreateThread
GetPrivateProfileStringA
Sleep
WritePrivateProfileStringA
CloseHandle
CreateMutexA
FreeLibrary
GetComputerNameA
GetCurrentProcessId
GetDiskFreeSpaceA
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemDirectoryA
GetUserDefaultLCID
GetWindowsDirectoryA
GlobalMemoryStatus
InterlockedCompareExchange
InterlockedExchange
LoadLibraryA
LoadLibraryW
OutputDebugStringA
ReleaseMutex
SetLastError
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
ExitProcess
OpenMutexA
DebugBreak
GetCurrentThreadId
IsDebuggerPresent
GetCurrentProcess
LocalAlloc
LocalFree
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrlenA

pcomm

ord24
ord50
ord19
ord7
ord2
ord8
ord20
ord4
ord6

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

gdi32

DeleteDC
DeleteObject
GetDIBits

user32

CallWindowProcA
CreatePopupMenu
DefWindowProcA
DestroyIcon
DestroyMenu
GetCursorPos
GetDC
GetIconInfo
GetKeyboardType
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemInfoA
GetSysColor
GetWindowLongA
InsertMenuItemA
LoadImageA
PostMessageA
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoA
SetWindowLongA
SystemParametersInfoA
TrackPopupMenu
wsprintfA

Sections

.text
Size: 806KB - Virtual size: 806KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 17.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.db_info
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_abbv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_line
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_pnam
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_str
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_ref
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_fram
Size: 1024B - Virtual size: 800B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

_data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
热油炉软件更新-V2.0/Proj/Cfg.ini
热油炉软件更新-V2.0/Proj/Database/MODULE.mdb
热油炉软件更新-V2.0/ReportModel.xlsx
.xlsx office2007

Sharing

General

Malware Config

Signatures

Files

b1df779cdcb7afa9620cf02dc7fb0c6b

Headers

DLL Characteristics

File Characteristics

Imports

cvirte

kernel32

pcomm

advapi32

gdi32

user32

Sections

.text Size: 806KB - Virtual size: 806KB

.data Size: 303KB - Virtual size: 302KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 17.9MB

.db_info Size: 4KB - Virtual size: 3KB

.db_abbv Size: 1KB - Virtual size: 1KB

.db_line Size: 2KB - Virtual size: 1KB

.db_pnam Size: 1KB - Virtual size: 1KB

.db_str Size: 3KB - Virtual size: 2KB

.db_ref Size: 1KB - Virtual size: 1KB

.db_fram Size: 1024B - Virtual size: 800B

_data Size: 512B - Virtual size: 10B

_text Size: 512B - Virtual size: 444B

.idata Size: 55KB - Virtual size: 55KB

.edata Size: 512B - Virtual size: 57B

.rsrc Size: 110KB - Virtual size: 109KB

.text
Size: 806KB - Virtual size: 806KB

.data
Size: 303KB - Virtual size: 302KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 17.9MB

.db_info
Size: 4KB - Virtual size: 3KB

.db_abbv
Size: 1KB - Virtual size: 1KB

.db_line
Size: 2KB - Virtual size: 1KB

.db_pnam
Size: 1KB - Virtual size: 1KB

.db_str
Size: 3KB - Virtual size: 2KB

.db_ref
Size: 1KB - Virtual size: 1KB

.db_fram
Size: 1024B - Virtual size: 800B

_data
Size: 512B - Virtual size: 10B

_text
Size: 512B - Virtual size: 444B

.idata
Size: 55KB - Virtual size: 55KB

.edata
Size: 512B - Virtual size: 57B

.rsrc
Size: 110KB - Virtual size: 109KB