e769716c3834086221534266bfb471d17b605c0007c48ff21e67f13737467d5d

Sharing

Copy URL Twitter E-mail

General

Target

e769716c3834086221534266bfb471d17b605c0007c48ff21e67f13737467d5d
Size

1.1MB
MD5

c6a61c0b6a4313ab418a7a3694fe7e16
SHA1

f217ae4a9eaa8b2baaa2608ea377c7fac08cc192
SHA256

e769716c3834086221534266bfb471d17b605c0007c48ff21e67f13737467d5d
SHA512

954f25750bfcb5c7b0791c9f2008d2b3ff9b3e94fac7ce58b0e9af08acce6babb22094cb24d907d6a0d49b11b24c5c5915a4da7dec88f384b7f6df173f00e84b
SSDEEP

24576:oes0+LGCIzWYUzdEJ6Shry1ZLY9WnBo1V7A2Ts6lRilFwXtpMss5X3phtRv:oDfUzBkGriy7/UX7tRv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e769716c3834086221534266bfb471d17b605c0007c48ff21e67f13737467d5d

Files

e769716c3834086221534266bfb471d17b605c0007c48ff21e67f13737467d5d
.dll windows:6 windows x86 arch:x86

37f772144a094820421d846753968a7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\SVN\Code\RoboX\RoboX V2.1.3\Target\Release\RobotSDK.pdb

Imports

base

base64_decodeEx
?To_string@StringUtil@Base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?GetIpAndMacInfo@IPUtil@Base@@YAXAAV?$vector@U_AdapterInfo@IPUtil@Base@@V?$allocator@U_AdapterInfo@IPUtil@Base@@@std@@@std@@@Z
?SearchSameNetSection@IPUtil@Base@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?To_string@StringUtil@Base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@M@Z
?To_string@StringUtil@Base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?Sixteen2ten@StringUtil@Base@@YAHQADH@Z
?Dec2hex@StringUtil@Base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
MD5Encode
hamc_encrypt
base64_encodeEx
?u82mb@Base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?mb2u8@Base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z

hpr

HPR_CreateEvent
??1HPR_Mutex@@QAE@XZ
??0HPR_Mutex@@QAE@XZ
HPR_Htonl
HPR_SemDestroy
HPR_CloseEvent
HPR_Htons
HPR_GetLastError
HPR_Ntohl
??1hpr_recursive_mutex@hpr@@UAE@XZ
??1hpr_sem@hpr@@UAE@XZ
HPR_SemTimedWait
HPR_CloseDir
HPR_Sleep
HPR_WriteFile
HPR_FindFileInDir
HPR_OpenFile
HPR_ThreadPool_Work
HPR_AsyncIO_RecvEx
HPR_AsyncIO_SendEx
HPR_AsyncIO_UnBindIOHandleEx
HPR_DeleteFile
HPR_CloseFile
HPR_OpenDir
HPR_Ntohs
HPR_GetTimeTick
HPR_Send
HPR_AsyncIO_PostQueuedCompleteStatusEx
?Lock@HPR_Mutex@@QAEHXZ
HPR_ConnectWithTimeOut
HPR_RecvWithTimeOut
HPR_CreateSocket
HPR_CloseSocket
HPR_SetTimeOut
HPR_SetNonBlock
HPR_WaitForMultipleObjects
HPR_SetEvent
HPR_AsyncIO_BindIOHandleToQueueEx
HPR_ResetEvent
HPR_GetAddrBySockFd
HPR_AsyncIO_BindCallBackToIOHandleEx
HPR_GetAddrString
HPR_GetSystemLastError
HPR_AtomicDec
HPR_Thread_Create
HPR_MutexCreate
HPR_Listen
HPR_MutexDestroy
HPR_AtomicInc
HPR_AtomicSet
HPR_Thread_Wait
HPR_MutexLock
HPR_MutexUnlock
HPR_Sendn
HPR_Recv
?Unlock@HPR_Mutex@@QAEHXZ
HPR_SemCreate
HPR_MakeAddrByString
HPR_ThreadPool_Create
HPR_InitEx
HPR_SetBuffSize
HPR_SetReuseAddr
HPR_FiniEx
HPR_Bind
HPR_Accept
HPR_AsyncIO_DestroyQueueEx
HPR_AsyncIO_CreateQueueEx2
HPR_SemPost

hlog

ord14
ord18
ord15

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetCurrentProcessId
GetLastError
GetModuleFileNameA
Sleep

sqlite3

sqlite3_free_table
sqlite3_get_table
sqlite3_exec
sqlite3_open
sqlite3_free
sqlite3_close

libcrypto-1_1

X509_get_subject_name
X509_NAME_oneline
X509_get_issuer_name
ENGINE_free
X509_free

libssl-1_1

SSL_CTX_new
SSL_set_fd
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_certificate_file
SSL_write
SSL_new
SSL_get_peer_certificate
SSL_free
TLS_method
OPENSSL_init_ssl
SSL_do_handshake
SSL_CTX_set_verify
SSL_read
SSL_CTX_load_verify_locations
SSL_CTX_check_private_key
SSL_shutdown
SSL_get_error
SSL_CTX_set_verify_depth
SSL_CTX_free
SSL_set_connect_state

prmk_clb_vc12_x86

PRMK_CLB_Create
PRMK_CLB_Process
PRMK_CLB_GetConfig
PRMK_CLB_GetMemSize

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??Bid@locale@std@@QAEIXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

ws2_32

ntohs
setsockopt
WSACleanup
htonl
WSAStartup
inet_pton
inet_ntop
ntohl

vcruntime140

_except_handler4_common
__CxxFrameHandler3
__vcrt_InitializeCriticalSectionEx
memcpy
memcmp
_CxxThrowException
memset
__std_type_info_destroy_list
strstr
memmove
__std_terminate
__std_exception_destroy
__std_exception_copy
memchr
_purecall

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_errno
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_invalid_parameter_noinfo

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
fsetpos
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
_get_stream_buffer_pointers
_fseeki64
fflush
ungetc
setvbuf
fgetpos
fputc
fwrite
__stdio_common_vsscanf
fgetc
fclose

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-string-l1-1-0

strpbrk
strncpy

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
_except1
_libm_sse2_log10_precise

Exports

Exports

??0HPR_Guard@@QAE@PAVHPR_Mutex@@@Z
??0hpr_recursive_mutex@hpr@@QAE@ABV01@@Z
??0hpr_sem@hpr@@QAE@ABV01@@Z
??1HPR_Guard@@QAE@XZ
??4HPR_Guard@@QAEAAV0@ABV0@@Z
??4HPR_Mutex@@QAEAAV0@ABV0@@Z
??4HPR_Sema@@QAEAAV0@ABV0@@Z
??4hpr_mutex@hpr@@QAEAAV01@ABV01@@Z
??4hpr_recursive_mutex@hpr@@QAEAAV01@ABV01@@Z
??4hpr_sem@hpr@@QAEAAV01@ABV01@@Z
??4hpr_string@hpr@@QAEAAV01@$$QAV01@@Z
??4hpr_string@hpr@@QAEAAV01@ABV01@@Z
??_7hpr_recursive_mutex@hpr@@6B@
??_7hpr_sem@hpr@@6B@
?Release@HPR_Guard@@QAEXXZ
?__autoclassinit2@HPR_Guard@@QAEXI@Z
?__autoclassinit2@HPR_Sema@@QAEXI@Z
?__autoclassinit2@hpr_sem@hpr@@QAEXI@Z
Robot_AbnormityDetect
Robot_BMS_Upgrade
Robot_Camera_Upgrade
Robot_Camera_Upgrade_Ground
Robot_Camera_Upgrade_Rack
Robot_Castor_Upgrade
Robot_Fini
Robot_GetAGVDefaultItems
Robot_GetCalibVersion
Robot_GetCapture
Robot_GetCompareParameter
Robot_GetConfigParamItems
Robot_GetDeviceInfo
Robot_GetExportLogInfo
Robot_GetLogInfo
Robot_GetLoginItems
Robot_GetMessageTypes
Robot_GetParam
Robot_GetQueryLogInfo
Robot_GetSTItems
Robot_GetSYSUpgradeItems
Robot_GetSYSUploadItems
Robot_GetStatusInfo
Robot_GetSystemMaint
Robot_Get_AllWifiParam
Robot_Get_AudioVolumn
Robot_Get_AvoidControlParam
Robot_Get_BlackList
Robot_Get_CeButtonCtrl
Robot_Get_ChgNetMode
Robot_Get_ContinueNorThreshold
Robot_Get_EncyptParam
Robot_Get_EnergyDetailInfo
Robot_Get_EngeryAlarmThrethold
Robot_Get_ForkliftStructuralInfo
Robot_Get_LanConfig
Robot_Get_LaneDetectMode
Robot_Get_LinePatrolSwitchStatus
Robot_Get_MantainInfo
Robot_Get_MantainThreshold
Robot_Get_MaxMotionParam
Robot_Get_NaviPolicy
Robot_Get_NaviSenser
Robot_Get_RcsEncyptConfig
Robot_Get_RcsMap
Robot_Get_SafeSensorParam
Robot_Get_SshCtrlSwitch
Robot_Get_SubDevNode
Robot_Get_TimingConfig
Robot_Get_TurntableAngleThreshold
Robot_Get_Upgrade_Status
Robot_Get_Upload_Status
Robot_Get_UserInfo
Robot_Get_WeightInfo
Robot_Get_WhiteList
Robot_Get_WifiFreqInfo
Robot_Get_WifiParam
Robot_Get_Wifi_PasswordLength
Robot_Get_WlanParam
Robot_Get_WorkMode
Robot_HeartBeat
Robot_Init
Robot_KELI_Sensor_Upgrade
Robot_LogIn
Robot_LogInBatch
Robot_LogOut
Robot_SM_Upgrade
Robot_STL_Sensor_Upgrade
Robot_SetCalib
Robot_SetCurrentIp
Robot_SetDeviceList
Robot_SetMessageTypes
Robot_SetParam
Robot_SetStatusCmd
Robot_SetSystemMaint
Robot_SetSystemUploadCert
Robot_SetSystemUploadFile
Robot_SetSystemUploadSound
Robot_Set_AllWifiParam
Robot_Set_AudioVolumn
Robot_Set_AvoidControlParam
Robot_Set_BlackList
Robot_Set_CeButtonCtrl
Robot_Set_ChargeCtrl
Robot_Set_ChgNetMode
Robot_Set_ContinueNorThreshold
Robot_Set_CruiseParamV2
Robot_Set_EnergyDetailInfo
Robot_Set_EngeryAlarmThrethold
Robot_Set_GroundLightCtrl
Robot_Set_LanConfig
Robot_Set_LaneDetectMode
Robot_Set_LiftPodCtrl
Robot_Set_LinePatrolSwitchStatus
Robot_Set_LongConnectParam
Robot_Set_MantainInfo
Robot_Set_MantainThreshold
Robot_Set_MaxMotionParam
Robot_Set_NaviPolicy
Robot_Set_PodLightCtrl
Robot_Set_RcsEncyptConfig
Robot_Set_RcsMap
Robot_Set_RestoreParam
Robot_Set_SafeSensorParam
Robot_Set_SshCtrlSwitch
Robot_Set_SubDevNode
Robot_Set_TimingConfig
Robot_Set_TurntableAngleThreshold
Robot_Set_WeightInfo
Robot_Set_WhiteList
Robot_Set_WifiFreqInfo
Robot_Set_WifiParam
Robot_Set_WlanParam
Robot_Set_WorkMode
Robot_StartService
Robot_Sub_Device_Upgrade
Robot_UpdateDevice
Robot_UploadFile
Robot_UploadFileEx
Robot_Upload_Cert

Sections

.text
Size: 886KB - Virtual size: 885KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37f772144a094820421d846753968a7b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

base

hpr

hlog

kernel32

sqlite3

libcrypto-1_1

libssl-1_1

prmk_clb_vc12_x86

msvcp140

ws2_32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 886KB - Virtual size: 885KB

.rdata Size: 178KB - Virtual size: 178KB

.data Size: 1KB - Virtual size: 3KB

.gfids Size: 512B - Virtual size: 80B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 886KB - Virtual size: 885KB

.rdata
Size: 178KB - Virtual size: 178KB

.data
Size: 1KB - Virtual size: 3KB

.gfids
Size: 512B - Virtual size: 80B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 35KB - Virtual size: 35KB