b22954267cb13b96d9f51575bdd2c0c9c9677a2420654583800213fb9987ebfe

Sharing

Copy URL Twitter E-mail

General

Target

b22954267cb13b96d9f51575bdd2c0c9c9677a2420654583800213fb9987ebfe
Size

160KB
MD5

caab63874517f51fa838609b58bde259
SHA1

7a42da95bf851bd23ed4a6a531ab8c48f90854e0
SHA256

b22954267cb13b96d9f51575bdd2c0c9c9677a2420654583800213fb9987ebfe
SHA512

4f7fdaffa69a0567dba67534db2ef5c2d27c1da5b11fb3648af46fceed9df7206172ffd6d33880cf19e95ffe65ffc1ae20b09701fb21491550076f6aa2769977
SSDEEP

3072:8rF8rhK4IefVf7irh55NJivtPgfv2oYpSN1ZOpQp6:EefVf7irl+tPgfv2oTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b22954267cb13b96d9f51575bdd2c0c9c9677a2420654583800213fb9987ebfe

Files

b22954267cb13b96d9f51575bdd2c0c9c9677a2420654583800213fb9987ebfe
.dll windows:5 windows x86 arch:x86

23b1dd330fa35f96bf6b71d7c6e43619

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SC007\00 标准单元\170313 过站管控\01 SourceCode\ATS_Station_Management\Debug\ATS_Station_Managment.pdb

Imports

kernel32

Sleep
GetModuleFileNameA
GetModuleFileNameW
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
GetProcAddress
GetLastError
RaiseException
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleW

user32

MessageBoxA

ociliba

_OCI_LobRead@12
_OCI_GetLob@8
_OCI_GetString2@8
_OCI_GetString@8
_OCI_FetchNext@4
_OCI_ReleaseResultsets@4
_OCI_GetResultset@4
_OCI_GetSql@4
_OCI_ExecuteStmt@8
_OCI_GetInt@8
_OCI_StatementCreate@4
_OCI_SetAutoCommit@8
_OCI_Rollback@4
_OCI_Commit@4
_OCI_ConnectionFree@4
_OCI_ConnectionCreate@16
_OCI_ErrorGetStatement@4
_OCI_ErrorGetOCICode@4
_OCI_ErrorGetString@4
_OCI_GetLastError@0
_OCI_Cleanup@0
_OCI_Initialize@12
_OCI_StatementFree@4
_OCI_GetRowCount@4
_OCI_GetColumnCount@4

upmescfg

UpdateMesCfg

msvcr120d

_amsg_exit
_wsplitpath_s
_wmakepath_s
wcscpy_s
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_dbg
??2@YAPAXI@Z
??3@YAXPAX@Z
toupper
memcpy
memset
strcpy_s
strcpy
strcmp
strlen
_stricmp
strncmp
_access
_mkdir
fclose
fopen
fputs
fseek
_CrtDbgReportW
printf
_snprintf
sprintf
strtol
_localtime64
_time64
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_CRT_RTC_INITW
__CppXcptFilter
fwrite
_malloc_dbg
_free_dbg
_CrtSetCheckCount
_initterm
_initterm_e
_lock
_unlock

Exports

Exports

ATS_CALL_IT_SQL_API
ATS_InsertDataRow
ATS_InsertDataRow_JIG
ATS_InsertDataRow_JIG_V2
ATS_InsertDataRow_OFFLINE_V2
ATS_InsertErrorData
ATS_InsertFailCode
ATS_InsertFailCode_V2
ATS_InsertJIGNumber
ATS_InsertRoutMaintain
ATS_InsertTestData
ATS_InsertTestResult
ATS_InsertTestResult_V2
ATS_OffLine_InsertResult_V2
ATS_SelectATSStationName
ATS_SelectMaterialCode
ATS_SelectSONYInfo
ATS_SelectTestYorN
ATS_SelectTestYorN_Batch
ATS_SelectTestYorN_Batch_LineName
Ali_GetBatch
Ali_GetSNRange
BtSpkCheckSN
GetData
GetDataOrderBy
GetDbTime
GetDbTimeStamp
Get_ExePath
HW_InsertDataRow
InsertData
InsertOneRowData
InsertTwoData
Insert_WisillicaData
MES_GetMACorSN_OrderByData
MES_OnlyInsertDataRow
Product_BindSNGet_NewSN
Product_BindSN_GetBINKEY
Product_BindSN_GetKEY
Product_GetKEYBinbyMAC
Product_GetKEY_DBHashValue
Product_GetSNorMAC
Product_GetScriptContent
Product_GetTwoSNorMAC
Product_OvercodeGet_MAC
Product_SN_GetBINKEY
Product_SN_GetBINKEY_SaveFile
Product_SN_GetKEY
Product_SnBD_BindSN
Product_SnGet_BindSN
Product_SnMacBind
SelectOneRowData
TestConnect
UpdateData
UpdateDataTwoCondition
UpdateOneDataTwoCondition
UpdateOneRowData
WriteLog
p_CheckSeqResult

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23b1dd330fa35f96bf6b71d7c6e43619

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ociliba

upmescfg

msvcr120d

Exports

Exports

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB