05605e1091524d4b7c63989e9d5565f8e12199b608cb388b6e2e97ec5d187950

Sharing

Copy URL Twitter E-mail

General

Target

05605e1091524d4b7c63989e9d5565f8e12199b608cb388b6e2e97ec5d187950
Size

7.8MB
MD5

b5637ea2ead099b38d7e4a20f39072a6
SHA1

75a87f9b8fc275b085cfd5885aa39c922b194952
SHA256

05605e1091524d4b7c63989e9d5565f8e12199b608cb388b6e2e97ec5d187950
SHA512

68841a1847d93ff2d987b8eb013ac80df6406f917c088313559acdbe2f5e205e5c5047d9ecea3dd07362255b03697a2d0c6de25bb71e8417d0137c89aaab3393
SSDEEP

196608:RDAK/YAda9C8lFVM7JJlfV48l/r3xs5zx7UppHlV:RMAr8duJba8l/7xMROpFV

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AutoBatSelect2.exe
unpack001/AutobatVmcp.exe
unpack001/DataMentDll.dll
unpack001/DataMentHDll.dll
unpack001/DeviceUpdate.exe
unpack001/Disco878.sys
unpack001/MachineDetect.exe
unpack001/SetSoftRev.exe
unpack001/SucceedGemData.exe
unpack001/Update.EXE
unpack001/UpdateApp.exe
unpack001/scmp.exe

Files

05605e1091524d4b7c63989e9d5565f8e12199b608cb388b6e2e97ec5d187950
.zip
2fluids_2flow.dat
2fluids_3flow.dat
2fluids_off.dat
AutoBatSelect2.exe
.exe windows x86

dfa6126084392c17dc1c801d8f894feb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord5303
ord5285
ord5710
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord561
ord815
ord2506
ord861
ord2613
ord1131
ord641
ord800
ord656
ord2717
ord825
ord5261
ord4370
ord4992
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord540
ord324
ord2294
ord4692
ord4704
ord755
ord470
ord6195
ord2810
ord5977
ord5949
ord537
ord535
ord3087
ord6211
ord4219
ord6279
ord6278
ord4272
ord858
ord4273
ord6655
ord823
ord940
ord922
ord2756
ord798
ord1197
ord1989
ord6219
ord5461
ord5188
ord533
ord860
ord4847
ord6403
ord2812
ord3806
ord1165
ord3614
ord3621
ord3658
ord2406
ord2371
ord6051
ord1768
ord5286
ord3397
ord3605
ord567
ord1143
ord1764
ord6362
ord2405
ord2016
ord4214
ord4395
ord3634
ord692
ord4270
ord2746
ord3798
ord2854
ord4195
ord538
ord2855
ord2573
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4229
ord4667
ord1569

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp
_wcmdln
_XcptFilter
_exit
wcscoll
_wcsicmp
system
_wtoi
wcscpy
strcpy
atoi
sprintf
strlen
setlocale
exit
__CxxFrameHandler
strcmp
__wgetmainargs

kernel32

CloseHandle
GetProcAddress
LoadLibraryW
GetLastError
CreateMutexW
FindResourceW
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
GetStartupInfoW
SetCurrentDirectoryW
LockResource
LoadResource

user32

IsIconic
GetClientRect
EnableWindow
LoadIconW
GetSysColor
InflateRect
CopyRect
DrawFocusRect
GetDC
ReleaseDC
DrawIcon
GetSystemMetrics
SendMessageW

gdi32

GetTextExtentPoint32W

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AutobatVmcp.exe
.exe windows x86

bcdb5a3ed4d67b0feb25e77bf37de7fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetLastError
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
ReadFile
SetStdHandle
LCMapStringA
LCMapStringW

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BCR_OFF.dat
BCR_ON.dat
DataMentDll.dll
.dll windows x86

f2375b04f4ac7b004e7baed38ace6d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord823
ord1182
ord801
ord860
ord6927
ord858
ord800
ord537
ord540
ord541
ord6883
ord6222
ord6282
ord6143
ord941
ord5683
ord5651
ord3127
ord342
ord3663
ord665
ord1979
ord6385
ord5442
ord5186
ord350
ord354
ord6778
ord6662
ord535
ord4204
ord5856
ord2763
ord922
ord924
ord939
ord825
ord1253
ord3616
ord1168

msvcrt

_findfirst
_mkdir
_access
_rmdir
_unlink
strstr
_mbscmp
free
_initterm
malloc
_adjust_fdiv
_findnext
_findclose
__CxxFrameHandler
_stricmp
_strupr

kernel32

GetProcAddress
LoadLibraryA

user32

MessageBoxA

Exports

Exports

DataCopy
DataDel
MultiDMWrite

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DataMentHDll.dll
.dll windows x86

f2375b04f4ac7b004e7baed38ace6d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord823
ord1182
ord801
ord860
ord6927
ord858
ord800
ord537
ord540
ord541
ord6883
ord6222
ord6282
ord6143
ord941
ord5683
ord5651
ord3127
ord342
ord3663
ord665
ord1979
ord6385
ord5442
ord5186
ord350
ord354
ord6778
ord6662
ord535
ord4204
ord5856
ord2763
ord922
ord924
ord939
ord825
ord1253
ord3616
ord1168

msvcrt

_findfirst
_mkdir
_access
_rmdir
_unlink
strstr
_mbscmp
free
_initterm
malloc
_adjust_fdiv
_findnext
_findclose
__CxxFrameHandler
_stricmp
_strupr

kernel32

GetProcAddress
LoadLibraryA

user32

MessageBoxA

Exports

Exports

DataCopy
DataDel
MultiDMWrite

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DeviceUpdate.exe
.exe windows x86

dadf5ffab535ce84e4e4cd1f8749bffa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetCommandLineA
GetProcAddress

mfc42

ord561
ord815
ord800
ord2818
ord540
ord1575

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
_access
__p___initenv
_stricmp

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Disco878.sys
.exe windows x86

0ec8ad2fcae0c8b3bc9dce30ca4379a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwSetValueKey
ZwClose
RtlInitUnicodeString
IoConnectInterrupt
KeInitializeDpc
MmMapIoSpace
IoDeleteDevice
IoAssignResources
IoDisconnectInterrupt
MmUnmapIoSpace
ExFreePoolWithTag
IoDeleteSymbolicLink
IoStopTimer
IoStartTimer
IoInitializeTimer
IoCreateSymbolicLink
RtlCopyUnicodeString
ZwCreateKey
IoCreateDevice
RtlAppendUnicodeStringToString
RtlIntegerToUnicodeString
RtlAppendUnicodeToString
IofCompleteRequest
IoStartPacket
memmove
READ_REGISTER_UCHAR
READ_REGISTER_USHORT
READ_REGISTER_ULONG
WRITE_REGISTER_UCHAR
WRITE_REGISTER_USHORT
WRITE_REGISTER_ULONG
KeInsertQueueDpc
IoStartNextPacket
MmMapLockedPages
KeSynchronizeExecution
MmFreeContiguousMemory
MmAllocateContiguousMemory
ExAllocatePoolWithTag
MmGetPhysicalAddress

hal

HalTranslateBusAddress
HalGetInterruptVector
HalGetBusData
HalAssignSlotResources

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 301B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 896B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HYNIX_After.dat
HYNIX_Before.dat
MachineDetect.exe
.exe windows x86

cd205d13afdebc677336d0a87e9a53e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileTime
CreateFileA
GetModuleHandleA
GetCommandLineA
GetProcAddress
SetFilePointer
FormatMessageA
GetLastError
LoadLibraryA
GetVersionExA
WriteFile
DeleteFileA
CopyFileA
LocalFree

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

mfc42

ord2764
ord354
ord800
ord6779
ord941
ord5683
ord537
ord561
ord815
ord540
ord860
ord858
ord1575
ord1979
ord6874
ord5442
ord665
ord5186

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_exit
_onexit
__dllonexit
strncat
atoi
printf
exit
strncpy
strncmp
__CxxFrameHandler
_XcptFilter
_stricmp

msvcp60

??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Fpz@std@@3_JB
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JW4seekdir@ios_base@2@@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
??0_Winit@std@@QAE@XZ
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1ios_base@std@@UAE@XZ
??_8?$basic_ifstream@DU?$char_traits@D@std@@@std@@7B@
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??_7?$basic_ifstream@DU?$char_traits@D@std@@@std@@6B@
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_8?$basic_ofstream@DU?$char_traits@D@std@@@std@@7B@
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ofstream@DU?$char_traits@D@std@@@std@@UAE@XZ
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?clear@ios_base@std@@QAEXH_N@Z
?pubseekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@JW4seekdir@ios_base@2@H@Z
??_7?$basic_ofstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PbData/All_Off.dat
PbData/Cst_On.dat
PbData/PB_After.dat
PbData/PB_Before.dat
PbData/Stg_On.dat
PbData/SubCt_Cst_On.dat
PbData/SubCt_On.dat
PbData/SubCt_Stg_On.dat
SetSoftRev.exe
.exe windows x86

393dc560c9f1496452ec45f8c9712889

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetCommandLineA
WritePrivateProfileStringA
GetProcAddress

mfc42

ord561
ord815
ord800
ord4160
ord540
ord1575

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
exit
_XcptFilter
_exit
_onexit
__dllonexit
sprintf
__CxxFrameHandler
__p___initenv

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

Sections

.text
Size: 4KB - Virtual size: 962B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SpKerfcOff.dat
SpKerfcOn.dat
SucceedGemData.exe
.exe windows x86

a925d56b1804fa6d63989f02257cab85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
TerminateProcess
HeapFree
RaiseException
HeapReAlloc
HeapSize
HeapAlloc
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetProcessVersion
FreeLibrary
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
InterlockedDecrement
GlobalFlags
TlsGetValue
SetStdHandle
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
lstrlenA
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
LoadLibraryA
SetHandleCount
GetProcAddress

user32

GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
LoadCursorA
GetSysColorBrush
DestroyMenu
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
SetCursor
GetMessageA
TranslateMessage
PostQuitMessage
PostMessageA
SetWindowsHookExA
GetMessagePos
GetDlgItem
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
UnhookWindowsHookEx

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
DeleteObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Update.EXE
.exe windows x86

7a5effb6348ff666e4a590825c6152eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
SetFileAttributesA
GetFileAttributesA
GetVolumeInformationA
_lopen
lstrcpyA
GetFileTime
GetCurrentThreadId
GetUserDefaultLangID
GetVersionExA
GetModuleHandleA
SystemTimeToFileTime
CreateFileA
_llseek
IsDBCSLeadByte
FileTimeToSystemTime
WriteFile
GetSystemDirectoryA
SearchPathA
GetEnvironmentVariableA
GetWindowsDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
_lread
CloseHandle
DeleteFileA
_lclose
LocalFree
GetStartupInfoA
FindResourceA
SizeofResource
LoadResource
LockResource
LocalAlloc
FreeResource
MultiByteToWideChar
lstrcmpA
lstrcpynA
GetModuleFileNameA
lstrlenA

user32

SetWindowTextA
SendDlgItemMessageA
SetFocus
KillTimer
UnhookWindowsHookEx
SetWindowsHookExA
GetClassInfoA
LoadIconA
SetTimer
IsIconic
GetSystemMetrics
GetWindowRect
SystemParametersInfoA
DestroyIcon
BeginPaint
SendMessageA
DrawIcon
EndPaint
GetDlgItem
EnableWindow
GetDlgItemTextA
CharUpperA
SetDlgItemTextA
GetDesktopWindow
MoveWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
wsprintfA
CharLowerA
CharNextA
CharPrevA
EndDialog
MessageBoxA
GetWindowLongA
CallNextHookEx
DialogBoxIndirectParamA
PostMessageA

gdi32

SetMapMode
GetMapMode

comdlg32

GetFileTitleA
GetOpenFileNameA

advapi32

RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegSetValueA

shell32

ShellExecuteA

crtdll

strchr
_global_unwind2
exit
_local_unwind2
strrchr
atoi
memset
_exit
_XcptFilter
_acmdln_dll
_initterm
__GetMainArgs
_commode_dll
_fmode_dll

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 309B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UpdateApp.exe
.exe windows x86

79e8b455498388304e184cd5e145d64a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord324
ord825
ord641
ord4234
ord4710
ord2379
ord1175
ord800
ord860
ord540
ord2370
ord6334
ord939
ord1158
ord4673
ord4274
ord6375
ord4486
ord2554
ord5277
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord2621
ord1134
ord1146
ord1168
ord4160
ord2863
ord3619
ord3626
ord3663
ord755
ord2414
ord537
ord6172
ord5789
ord1641
ord5875
ord470
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord2512
ord5265
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_setmbcp
_strnicmp
__CxxFrameHandler
atoi
_findfirst
_splitpath
_unlink
_controlfp
remove
fputc
fgetc
_mkdir
fclose
fopen
system
_findclose

kernel32

GetStartupInfoA
GetModuleHandleA
GetExitCodeProcess
GetSystemDirectoryA
lstrcatA
CloseHandle
GetVersionExA
GetCurrentProcess
LoadLibraryA
GetProcAddress
CreateEventA
CreateProcessA
Sleep
WaitForSingleObject

user32

IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
wsprintfA
ExitWindowsEx
EnableWindow
KillTimer
MessageBoxA
SetTimer
SendMessageA

gdi32

CreateFontA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
V201bug.dat
YScale.dat
autobat.bat
bat/K2.MSR
bright.dat
cst/ERR3.DAT
cst/Err5.dat
cst/Err6.dat
cst/LogView.DAT
cst/ProcTbl.dat
cst/comment3.dat
cst/comment4.dat
cst/comment5.dat
cst/comment7.dat
cst/constant.dat
cst/dio_name.dat
cst/err4.dat
data/DevChg.dat
ddf/AXIS_PARA.ddf
ddf/BladeInf.ddf
ddf/DEVICE.DDF
ddf/MACHINE.BAT
ddf/MACHINE.DDF
ddf/SETUP.DDF
ddf/SUPER.DDF
ddf/aval.ddf
ddf/maker.ddf
devnew.dat
dsbin/ALI.DMB
dsbin/ALI_CSP.DMB
dsbin/ALI_CSPC.DMB
dsbin/ALI_FAST.DMB
dsbin/ALI_SP.DMB
dsbin/AdjEdge.DMB
dsbin/Ae480.DMB
dsbin/AeHost8.DMB
dsbin/AeMinus.DMB
dsbin/AeMinusA4AL.DMB
dsbin/Ali_Nsd.DMB
dsbin/Auto.DMB
dsbin/Auto1.DMB
dsbin/AxisDrv.DMB
dsbin/AxisParamJig.DMB
dsbin/AxisParamWR.DMB
dsbin/CCSetup.DMB
dsbin/CENT.DMB
dsbin/CHECKCUT.DMB
dsbin/CLEAN.DMB
dsbin/CLND_TIM.DMB
dsbin/CUT_EDGE.DMB
dsbin/CUT_FLAT.DMB
dsbin/Click.DMB
dsbin/ClickWafer.DMB
dsbin/Common.DMB
dsbin/CtVac.DMB
dsbin/Cut.DMB
dsbin/Cut_csp.DMB
dsbin/Cut_cspC.DMB
dsbin/Dress.DMB
dsbin/ENTRY.DMB
dsbin/ErrM.DMB
dsbin/FINDEDGE.DMB
dsbin/Fdress.DMB
dsbin/Focus.DMB
dsbin/Foup.DMB
dsbin/FullAuto.DMB
dsbin/FullDBG.DMB
dsbin/Index.DMB
dsbin/J_AxisRn.DMB
dsbin/J_D_Axis.DMB
dsbin/KERFC.DMB
dsbin/LIGHT.DMB
dsbin/LightDrv.DMB
dsbin/ManuAli.DMB
dsbin/Onecut.DMB
dsbin/PBCOMMON.DMB
dsbin/PBDRESS.DMB
dsbin/PPSelect.DMB
dsbin/SPNDL.DMB
dsbin/Setup.DMB
dsbin/SlctThetaDrv.DMB
dsbin/SpndlDrv.DMB
dsbin/Syoki.DMB
dsbin/Sysinit.DMB
dsbin/TEACH.DMB
dsbin/Tapehair.DMB
dsbin/TiDrv.DMB
dsbin/Water.DMB
dsbin/ctclean.DMB
dsbin/hansouchousei.DMB
dsbin/orifla.DMB
dsbin/secs.DMB
dsbin/simpleAxis.DMB
patch.dat
pno.dat
scmp.exe
.exe windows x86

d2ffa6d0ebd84db3060daaa65ed591be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
LCMapStringA
LCMapStringW
GetCPInfo
SetUnhandledExceptionFilter
HeapSize
GetModuleHandleA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetLastError
SetFilePointer
FlushFileBuffers
CloseHandle
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
ReadFile
SetStdHandle
GetLocaleInfoW

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sdf/AUX_MENU.sdf
sdf/AXISADJ.sdf
sdf/AXISADJ.sdm
sdf/Analog.sdf
sdf/Analog_usr.sdf
sdf/Analog_usr.sdm
sdf/Analog_usr2.sdm
sdf/Analog_usr3.sdf
sdf/Analog_usr3.sdm
sdf/Analog_usr_pb.sdf
sdf/Analog_usr_pb.sdm
sdf/BASIC.sdm
sdf/BASIC.sds
sdf/BOARD_STATUS.sdf
sdf/CCS_HAIR.sdf
sdf/CCS_HAIR2.sdf
sdf/CHGBOARD.sdf
sdf/CHGDRS.sdf
sdf/CHGDRS.sdm
sdf/CLNDR_T.sdf
sdf/CLNDR_T.sdm
sdf/CUTBLD.sdf
sdf/CUTSTAT.sdf
sdf/CUTSTAT.sdm
sdf/DEVCHG.sdf
sdf/DEVDAT1D.sdf
sdf/DEVDAT1D.sdm
sdf/DEVDAT2.sdf
sdf/DEVDAT2.sdm
sdf/DEVDAT22.sdf
sdf/DEVDAT22.sdm
sdf/DEVDAT25.sdf
sdf/DEVDAT25.sdm
sdf/DEVDAT3.sdf
sdf/DEVDAT3.sdm
sdf/DEVDAT33.sdf
sdf/DEVDAT33.sdm
sdf/DEVDAT3L.sdf
sdf/DEVDAT3L.sdm
sdf/DEVDAT4.sdf
sdf/DEVDAT4.sdm
sdf/DEVDAT5.sdf
sdf/DEVDAT6.sdf
sdf/DEVDAT6.sdm
sdf/DEVDAT8.sdf
sdf/DEVDAT8.sdm
sdf/DEVDAT88.sdf
sdf/DEVDAT88.sdm
sdf/DEVDAT888.sdf
sdf/DEVDAT8L.sdf
sdf/DEVDAT8L.sdm
sdf/DEVDATPB_CST.sdf
sdf/DEVDATPB_CST.sdm
sdf/DEVDATPB_ST.sdf
sdf/DEVDATPB_ST.sdm
sdf/DEVDATPOSINF.sdf
sdf/DEVDATPOSINF.sdm
sdf/DEVDATSEL.sdf
sdf/DEVRONLY.sdf
sdf/DEVSP2.sdf
sdf/DEVSP22.sdf
sdf/DEVSP23.sdf
sdf/DRS_STOP.sdf
sdf/DRS_STOP.sdm
sdf/E84_IO.sdf
sdf/INSPEC.sdf
sdf/J_MAIN.sdf
sdf/J_MAIN.sdm
sdf/J_MAIN2.sdf
sdf/J_MAIN2.sdm
sdf/KERF.sdf
sdf/KERF.sdm
sdf/KERF1.sdf
sdf/KERF1.sdm
sdf/KERF2.sdf
sdf/KERF2.sdm
sdf/KERF3.sdf
sdf/KERF3.sdm
sdf/KERF4.sdf
sdf/KERF4.sdm
sdf/KERF_SP.sdf
sdf/KERF_SP.sdm
sdf/LIGHT.sdf
sdf/LOADDEV.sdf
.ps1
sdf/LOADDEV.sdm
.ps1
sdf/LOG_TOOLS.sdf
sdf/LOOPBACK.sdf
sdf/LOOPBACK.sdm
sdf/MAKER1.sdf
sdf/MAKER1.sdm
sdf/MAKER1.sds
sdf/MAKER2.sdf
sdf/MAKER2.sdm
sdf/MAKER3.sdf
sdf/MAKER4.sdf
sdf/MAKER4.sdm
sdf/MAKER5.sdf
sdf/MAKER5.sdm
sdf/MAKER6.sdf
sdf/MAKER6.sdm
sdf/MENU00.sdf
sdf/MENU10.sdf
sdf/MENU10.sdm
sdf/MENU13.sdf
sdf/MENU13.sdm
sdf/MENU131.sdf
sdf/MENU14.sdf
sdf/MENU14.sdm
sdf/MENU16.sdf
sdf/MENU16.sdm
sdf/MENU18.sdf
sdf/MENU18.sdm
sdf/MENU20.sdf
sdf/MENU221.sdf
sdf/MENU221.sdm
sdf/MENU222.sdf
sdf/MENU222.sdm
sdf/MENU23.sdf
sdf/MENU23.sdm
sdf/MENU231.sdf
sdf/MENU24.sdf
sdf/MENU24.sdm
sdf/MENU25.sdf
sdf/MENU25.sdm
sdf/MENU30.sdf
sdf/MENU30.sdm
sdf/MENU311D.sdf
sdf/MENU311D.sdm
sdf/MENU312.sdf
.ps1
sdf/MENU312.sdm
sdf/MENU3122.sdf
sdf/MENU3122.sdm
sdf/MENU3125.sdf
sdf/MENU3125.sdm
sdf/MENU313.sdf
sdf/MENU313.sdm
sdf/MENU3133.sdf
sdf/MENU3133.sdm
sdf/MENU313L.sdf
sdf/MENU313L.sdm
sdf/MENU314.sdf
sdf/MENU314.sdm
sdf/MENU315.sdf
.ps1
sdf/MENU316.sdf
sdf/MENU316.sdm
sdf/MENU318.sdf
sdf/MENU318.sdm
sdf/MENU3188.sdf
sdf/MENU3188.sdm
sdf/MENU31888.sdf
sdf/MENU318L.sdf
sdf/MENU318L.sdm
sdf/MENU31PB_CST.sdf
sdf/MENU31PB_CST.sdm
sdf/MENU31PB_ST.sdf
sdf/MENU31PB_ST.sdm
sdf/MENU31POSINF.sdf
sdf/MENU31POSINF.sdm
sdf/MENU31SEL.sdf
sdf/MENU32.sdf
sdf/MENU33.sdf
sdf/MENU34.sdf
sdf/MENU35.sdf
sdf/MENU36.sdf
.ps1
sdf/MENU37.sdf
sdf/MENU38.sdf
sdf/MENU39.sdf
sdf/MENU40.sdf
sdf/MENU41.sdf
sdf/MENU41.sdm
sdf/MENU43.sdf
sdf/MENU431.sdf
sdf/MENU431.sdm
sdf/MENU432.sdf
sdf/MENU432.sdm
sdf/MENU433.sdf
sdf/MENU433.sdm
sdf/MENU4330.sdf
sdf/MENU434.sdf
sdf/MENU434.sdm
sdf/MENU435.sdf
sdf/MENU435.sdm
sdf/MENU440.sdf
sdf/MENU46.sdf
sdf/MENU46.sdm
sdf/MENU47.sdf
sdf/MENU47.sdm
sdf/MENU4710.sdf
sdf/MENU4710.sdm
sdf/MENU473.sdf
sdf/MENU473.sdm
sdf/MENU475.sdf
sdf/MENU47SP.sdf
sdf/MENU47SP.sdm
sdf/MENU52.sdf
sdf/MENU53.sdf
sdf/MENU53.sdm
sdf/MENU531.sdf
sdf/MENU531.sdm
sdf/MENU533.sdf
sdf/MENU533.sdm
sdf/MENU5333D.sdf
sdf/MENU5336D.sdf
sdf/MENU533D.sdf
sdf/MENU538.sdf
sdf/MENU68.sdf
sdf/MENU68.sdm
sdf/MENU72.sdf
sdf/MENU72.sdm
sdf/MENU74.sdf
sdf/MENU74.sdm
sdf/MENU742.sdf
sdf/MENU742.sdm
sdf/MENU744.sdf
sdf/MENU7441.sdf
sdf/MENU7442.sdf
sdf/MENU7442.sdm
sdf/MENU74422.sdf
sdf/MENU74422.sdm
sdf/MENU74423.sdf
sdf/MENU74423.sdm
sdf/MENU7443.sdf
sdf/MENU781.sdf
sdf/MENU781.sdm
sdf/NSD_ADJ.sdf
sdf/NSD_ADJ.sdm
sdf/OPEDEV0.sdf
sdf/OPEDEV0.sdm
sdf/OPEDEV02.sdf
sdf/OPEDEV03.sdf
sdf/OPEDEV04.sdf
sdf/OPEDEV05.sdf
sdf/OPEDEV08.sdf
sdf/OPEDEV09.sdf
sdf/OPEDEV1D.sdf
sdf/OPEDEV1D.sdm
sdf/OPEDEV2.sdf
sdf/OPEDEV2.sdm
sdf/OPEDEV22.sdf
sdf/OPEDEV22.sdm
sdf/OPEDEV25.sdf
sdf/OPEDEV25.sdm
sdf/OPEDEV3.sdf
sdf/OPEDEV3.sdm
sdf/OPEDEV33.sdf
sdf/OPEDEV33.sdm
sdf/OPEDEV3L.sdf
sdf/OPEDEV3L.sdm
sdf/OPEDEV4.sdf
sdf/OPEDEV4.sdm
sdf/OPEDEV5.sdf
sdf/OPEDEV6.sdf
sdf/OPEDEV6.sdm
sdf/OPEDEV8.sdf
sdf/OPEDEV8.sdm
sdf/OPEDEV88.sdf
sdf/OPEDEV88.sdm
sdf/OPEDEV888.sdf
sdf/OPEDEV8L.sdf
sdf/OPEDEV8L.sdm
sdf/OPEDEVPB_CST.sdf
sdf/OPEDEVPB_CST.sdm
sdf/OPEDEVPB_ST.sdf
sdf/OPEDEVPB_ST.sdm
sdf/OPEDEVPOSINF.sdf
sdf/OPEDEVPOSINF.sdm
sdf/OPEDEVSEL.sdf
sdf/PB_CST_SLOT.sdf
sdf/PROCESS.sdf
sdf/READBCRC.sdf
sdf/READDEV1D.sdf
sdf/READDEV1D.sdm
sdf/READDEV2.sdf
sdf/READDEV2.sdm
sdf/READDEV22.sdf
sdf/READDEV22.sdm
sdf/READDEV25.sdf
sdf/READDEV25.sdm
sdf/READDEV3.sdf
sdf/READDEV3.sdm
sdf/READDEV33.sdf
sdf/READDEV33.sdm
sdf/READDEV3L.sdf
sdf/READDEV3L.sdm
sdf/READDEV4.sdf
sdf/READDEV4.sdm
sdf/READDEV5.sdf
sdf/READDEV6.sdf
sdf/READDEV6.sdm
sdf/READDEV8.sdf
sdf/READDEV8.sdm
sdf/READDEV88.sdf
sdf/READDEV88.sdm
sdf/READDEV888.sdf
sdf/READDEV8L.sdf
sdf/READDEV8L.sdm
sdf/READDEVPB_CST.sdf
sdf/READDEVPB_CST.sdm
sdf/READDEVPB_ST.sdf
sdf/READDEVPB_ST.sdm
sdf/READDEVPOSINF.sdf
sdf/READDEVPOSINF.sdm
sdf/READDEVSEL.sdf
sdf/RECAGV1.sdf
sdf/RECALI.sdf
sdf/RECBCRC.sdf
sdf/RECBCRF.sdf
sdf/RECBLD.sdf
sdf/RECDRSBLD.sdf
sdf/RECHAIRADJ.sdf
sdf/RECHANPV.sdf
sdf/RECPPSELECT.sdf
sdf/RECRCMDC.sdf
sdf/RECRCMDF.sdf
sdf/REC_PB_CST.sdf
sdf/REC_PB_HAIR.sdf
sdf/SECSMODE.sdf
sdf/SP_BCR.sdf
sdf/STARTUP.sdf
sdf/STATUS.sdf
sdf/STOP.sdf
sdf/STOP.sdm
sdf/STOP1.sdf
sdf/STOP1.sdm
sdf/STOP_ALI.sdf
sdf/STOP_ALI.sdm
sdf/STROKE.sdf
sdf/STROKE.sdm
sdf/STROKE2.sdf
sdf/STROKE2.sdm
sdf/SUPER.sds
sdf/SUPER1.sdf
sdf/SUPER1.sdm
sdf/SUPER2.sdf
sdf/SUPER2.sdm
sdf/SUPER3.sdf
sdf/SUPER3.sdm
sdf/SUPER3_SUB.sdf
sdf/SUPER4.sdf
sdf/SUPER4.sdm
sdf/SUPER5.sdf
sdf/SUPER5.sdm
sdf/SYSINFO.sdf
sdf/SYSINIT.sdf
sdf/Super_sp1.sdf
sdf/TEACHEX.sdf
sdf/TERMBLINK.inc
sdf/TERMEX.sdf
sdf/TERMEX.sdm
.ps1
sdf/TERMMSG.sdf
sdf/TOOLS.sdf
sdf/T_PARA_SEL_A4L.sdf
sdf/T_PARA_SEL_A4L.sdm
sdf/T_PARA_SET_A4L.sdf
sdf/T_PARA_SET_A4L.sdm
sdf/T_PARA_SUB_A4L.sdf
sdf/W_VIEW.sdf
sdf/hansouchousei1.sdf
sdf/hansouchousei1.sdm
sdf/hansouchousei2.sdf
sdf/hansouchousei2.sdm
sdf/maker26.sdf
sdf/menu5336.sdf
sdf/menu54.sdf
sdf/menu541.sdf
.ps1
sdf/menu542.sdf
.ps1
sdf/menu543.sdf
.ps1
sdf/menu721.sdf
sdf/menu721.sdm
sdf/recdev.sdf
sdf/recdev2.sdf
select.dat
share/Alarm.ini
share/CEID.INI
share/Comm.ini
share/Comm.v2i
share/SecsSp.ini
share/VID.INI

Sharing

General

Malware Config

Signatures

Files

dfa6126084392c17dc1c801d8f894feb

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

gdi32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

bcdb5a3ed4d67b0feb25e77bf37de7fd

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 17KB

f2375b04f4ac7b004e7baed38ace6d83

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 456B

.rsrc Size: 4KB - Virtual size: 880B

.reloc Size: 4KB - Virtual size: 744B

f2375b04f4ac7b004e7baed38ace6d83

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 472B

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 760B

dadf5ffab535ce84e4e4cd1f8749bffa

Headers

File Characteristics

Imports

kernel32

mfc42

msvcrt

msvcp60

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 556B

.rsrc Size: 4KB - Virtual size: 160B

0ec8ad2fcae0c8b3bc9dce30ca4379a9

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 17KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 456B

.rsrc
Size: 4KB - Virtual size: 880B

.reloc
Size: 4KB - Virtual size: 744B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 472B

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 760B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 556B

.rsrc
Size: 4KB - Virtual size: 160B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 384B - Virtual size: 301B

.data
Size: 48KB - Virtual size: 48KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 896B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 454B

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 160B

.text
Size: 4KB - Virtual size: 962B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 408B

.rsrc
Size: 4KB - Virtual size: 160B

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 160B

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 512B - Virtual size: 309B

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB