adfc7bf2ad5f2f38fca50ca74c4db38a514f820a1446aeb41ba91743dd161eea

Sharing

Copy URL Twitter E-mail

General

Target

adfc7bf2ad5f2f38fca50ca74c4db38a514f820a1446aeb41ba91743dd161eea
Size

608KB
MD5

722a8d28e71ca8719013c489be6f44f4
SHA1

323892a18db772ef888ed1ce37b2cfb48847e2c2
SHA256

adfc7bf2ad5f2f38fca50ca74c4db38a514f820a1446aeb41ba91743dd161eea
SHA512

319621cae065af4d4aca6c5e089e13a7c369af5326e7fe117e1d2ec0e914f60cb610d45651e07ae0eeba0413511546276a4cf1132d65bf9943d14b729af119e1
SSDEEP

6144:29hdkUMeq78/OIesmpFMl58ISc9so63SOOp9KgFAGKPKlzzRxHiBiV817bWYbKVK:2fq78/OhsmpUKIS6so6OtxCB/KVtQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adfc7bf2ad5f2f38fca50ca74c4db38a514f820a1446aeb41ba91743dd161eea

Files

adfc7bf2ad5f2f38fca50ca74c4db38a514f820a1446aeb41ba91743dd161eea
.dll windows:6 windows x86 arch:x86

3a59c7cd82011ba24faedfa3ff90dc0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SC007\00 标准单元\210119 ITE V2\ITEadmin\Debug\TL_TEDD_MySQL\TL_TEDD_MySQL.pdb

Imports

kernel32

CreateFileA
WriteFile
CloseHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ReadConsoleW
ReadFile
SetEndOfFile
CreateFileW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
EncodePointer
DecodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FatalAppExitA
GetModuleFileNameW
GetModuleHandleExW
HeapValidate
GetSystemInfo
GetLastError
GetProcAddress
LoadLibraryExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
CreateSemaphoreW
RtlUnwind
GetStdHandle
GetFileType
ExitProcess
AreFileApisANSI
CreateDirectoryW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThread
GetFileAttributesExW
GetTimeZoneInformation
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
OutputDebugStringA
WriteConsoleW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
HeapAlloc
VirtualQuery
FreeLibrary
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableA

wininet

FtpOpenFileA
InternetReadFile
InternetConnectA
InternetOpenA
FtpGetFileSize

libmysql

mysql_close
mysql_fetch_row
mysql_free_result
mysql_use_result
mysql_query
mysql_real_connect
mysql_init
mysql_error
mysql_num_fields

Exports

Exports

ITE_Get_DUTInfo
ITE_Get_File
ITE_Get_SysVer
ITE_Get_XLS_Hash
ITE_Set_DUTInfo
ITE_User_Approval
ITE_User_Change
ITE_User_ChangeInfo
ITE_User_Confirm
ITE_User_New
PMP_Insert_BOMOA
PMP_Insert_JIGINFO
PMP_Insert_JIGSM
PMP_Insert_PROINFO
PMP_Insert_REQOA
PMP_SEL_API
PMP_SEL_API_V2
PMP_Updata_API

Sections

.textbss
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a59c7cd82011ba24faedfa3ff90dc0c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

wininet

libmysql

Exports

Exports

Sections

.textbss Size: - Virtual size: 228KB

.text Size: 476KB - Virtual size: 476KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 7KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 21KB - Virtual size: 21KB

.textbss
Size: - Virtual size: 228KB

.text
Size: 476KB - Virtual size: 476KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 7KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 21KB - Virtual size: 21KB