4a8aa1ab790f64c6a2caee7842a98d6e54040e263fd2fe6b34197e6b41d660e0

Sharing

Copy URL

Twitter E-mail

General

Target

4a8aa1ab790f64c6a2caee7842a98d6e54040e263fd2fe6b34197e6b41d660e0
Size

1.1MB
MD5

b313844239472b73ac5c2b63340d0a45
SHA1

1ad8e6a1b90fd77807c3ad6e4c3ee1b1af0671e3
SHA256

4a8aa1ab790f64c6a2caee7842a98d6e54040e263fd2fe6b34197e6b41d660e0
SHA512

67f283b5d1a0c6db60e98bd7ff3c391c11e82a500ae1101da0b449a0af8dd4f3b007ae8e6be20c0586188cb101c7f76dcee6e2cbfa802f8f954ac26c1f993f33
SSDEEP

24576:kYUSoJPauF8X4cnmei6PSOSlj03omwkQw/VMlZEpLCCiaVrr:yF8X4cnmei6PSOSlj03omwkQw/VWq7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a8aa1ab790f64c6a2caee7842a98d6e54040e263fd2fe6b34197e6b41d660e0

Files

4a8aa1ab790f64c6a2caee7842a98d6e54040e263fd2fe6b34197e6b41d660e0
.exe windows:4 windows x86

cd1a4edd5747f9102b33de46b42d25fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

6126

ord2
ord1
ord5
ord6

pci-dask

DO_WritePort
DI_ReadPort
Register_Card

tablemove

??0CTableMove@@QAE@XZ
?TabRun@CTableMove@@QAEXNNNNNNNNNNNNNNNNPAN00@Z

8134

home_move
set_position
get_position
W_8134_Initial
manu_move
set_manu_iptmode
W_8134_Set_Config
W_8134_INT_Enable
W_8134_Set_INT_Control
set_int_factor
set_move_ratio
set_alm_logic
set_inp_logic
set_home_config
set_pls_outmode
set_pls_iptmode
set_cnt_src
motion_done
W_8134_Close
get_io_status
start_a_move
wait_for_done
v_stop
start_ta_move
start_tas_move
start_r_move
v_change
start_s_move

gdiplus

GdipCreateFromHWNDICM
GdipDrawImageRectI
GdipFree
GdipAlloc
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdiplusStartup
GdipCreateFromHWND
GdipCloneImage
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusShutdown
GdipDeleteGraphics

cpro

??1CProImage@@UAE@XZ
??0CProRect@@QAE@ABV0@@Z
??0CProImage@@QAE@HHW4Format@CProData@@PAX_N@Z
?Free@CProImage@@QAE_NXZ
??4CProRect@@QAEAAV0@ABV0@@Z
??0CProRect@@QAE@XZ
??0CProImage@@QAE@HHW4Format@CProData@@AAVCProRect@@PAX_N@Z
??0CProRect@@QAE@HHHH@Z
?SetErrorMode@CProManager@@SAXW4ErrorMode@1@@Z

cprosearch

?SetMinRotation@CProSearchEdge@@QAE_NM@Z
?SetMaxRotation@CProSearchEdge@@QAE_NM@Z
?SetMinScale@CProSearchEdge@@QAE_NM@Z
?SetMaxScale@CProSearchEdge@@QAE_NM@Z
??0CProSearchEdge@@QAE@XZ
??1CProSearchEdge@@UAE@XZ

xvisiontool

??0CXVisionTool@@QAE@XZ
?SetPatternArea@CXVisionTool@@QAE_NHHHHH@Z
?LoadPatternImage@CXVisionTool@@QAE_NPAD@Z
?Inspect@CXVisionTool@@QAE_NHHHHH@Z
??1CXVisionTool@@QAE@XZ

capturetool

?GetPosition@CCaptureTool@@QAEXPAD@Z
?Grab@CCaptureTool@@QAE_NXZ
?SaveImgToFile@CCaptureTool@@QAEHPAD@Z
?InitialDH@CCaptureTool@@QAE_NXZ
??0CCaptureTool@@QAE@XZ
?SaveImgToFile2@CCaptureTool@@QAEHPAD@Z

kernel32

GetCurrentDirectoryA
SetErrorMode
GetTickCount
RtlUnwind
CreateDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
CreateThread
ExitThread
GetACP
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
VirtualAlloc
LocalFileTimeToFileTime
GetProcessVersion
GetOEMCP
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CopyFileA
FormatMessageA
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
CreateMutexA
GetLastError
DeleteFileA
FindFirstFileA
MulDiv
lstrlenW
MultiByteToWideChar
lstrlenA
Sleep
GetCPInfo
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
SizeofResource
TlsAlloc
LocalAlloc
SystemTimeToFileTime
GlobalFlags
GetCurrentProcess
GetDiskFreeSpaceA
GetFileSize
GetTempFileNameA
GetFileTime
SetFileTime
GetPrivateProfileStringA
GetFileAttributesA
WritePrivateProfileStringA
GetCurrentThread
GetPrivateProfileIntA
GlobalAlloc
CreateEventA
FileTimeToLocalFileTime
FileTimeToSystemTime
ResumeThread
SuspendThread
SetThreadPriority
SetLastError
SetEvent
WaitForSingleObject
GetShortPathNameA
lstrcmpA
GetModuleFileNameA
GetFullPathNameA
GetThreadLocale
GetStringTypeExA
MoveFileA
GetVolumeInformationA
FindClose
LockFile
SetEndOfFile
UnlockFile
SetFilePointer
CloseHandle
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
IsBadWritePtr
DuplicateHandle
lstrcpynA
GetProfileStringA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetStringTypeA
GetStringTypeW
SetFileAttributesA
GetProfileIntA

user32

MessageBeep
AppendMenuA
GetSystemMenu
GetClassNameA
GetSysColorBrush
LoadStringA
SetParent
IsRectEmpty
InsertMenuA
GetMenuStringA
DestroyIcon
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
WindowFromPoint
InvertRect
FillRect
RegisterClipboardFormatA
PostThreadMessageA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
CharUpperA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
GetDesktopWindow
ReleaseCapture
LockWindowUpdate
LoadAcceleratorsA
TranslateAcceleratorA
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
SetRectEmpty
GetDCEx
SetCapture
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
MessageBoxA
LoadIconA
LoadMenuA
SetRect
PtInRect
ReleaseDC
FindWindowA
GetSystemMetrics
RegisterHotKey
PeekMessageA
TranslateMessage
DispatchMessageA
GetMenu
GetSubMenu
DeleteMenu
SystemParametersInfoA
LoadCursorA
SetCursor
InflateRect
IsZoomed
GetAsyncKeyState
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
UpdateWindow
InvalidateRect
GetWindowRect
GetWindow
LoadBitmapA
KillTimer
SendMessageA
SetTimer
GetDC
GetClientRect
EnableWindow
GetCursorPos
GetMessageA
ValidateRect
GrayStringA
IntersectRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode

gdi32

CreateSolidBrush
SetTextColor
GetClipBox
PatBlt
UnrealizeObject
GetTextMetricsA
GetDeviceCaps
GetTextExtentPointA
CreateDIBitmap
CreateFontIndirectA
Ellipse
SetBkColor
Rectangle
Arc
GetObjectA
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
LineTo
SetTextAlign
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateHatchBrush
CreatePatternBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
CreateRectRgnIndirect
DPtoLP
CreateDCA
GetTextExtentPoint32A
CreateCompatibleDC
CreateCompatibleBitmap
StretchDIBits
CreateFontA
GetMapMode
GetCharWidthA
CombineRgn
GetTextColor
SetRectRgn
LPtoDP
ExcludeClipRect
GetBkColor
BitBlt
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
SelectClipRgn
SetWindowOrgEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetViewportExtEx
SetROP2
SetMapMode
CreatePen

comdlg32

CommDlgExtendedError
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

GetFileSecurityA
RegQueryValueExA
SetFileSecurityA
RegSetValueA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_Destroy
ord17

oledlg

ord8

ole32

OleFlushClipboard
CoRevokeClassObject
CLSIDFromProgID
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree

olepro32

ord253

oleaut32

SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 720KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ShareDa
Size: 4KB - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd1a4edd5747f9102b33de46b42d25fb

Headers

File Characteristics

Imports

6126

pci-dask

tablemove

8134

gdiplus

cpro

cprosearch

xvisiontool

capturetool

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 720KB - Virtual size: 718KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 84KB - Virtual size: 168KB

.ShareDa Size: 4KB - Virtual size: 240B

.rsrc Size: 180KB - Virtual size: 180KB

.text
Size: 720KB - Virtual size: 718KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 84KB - Virtual size: 168KB

.ShareDa
Size: 4KB - Virtual size: 240B

.rsrc
Size: 180KB - Virtual size: 180KB