97df0196f606ced16dcf6913758b1d709dd300b082f0a0a72809da7103445575

Sharing

Copy URL Twitter E-mail

General

Target

97df0196f606ced16dcf6913758b1d709dd300b082f0a0a72809da7103445575
Size

1.9MB
MD5

c569d7a55954c83276ee21571cfd93a6
SHA1

3d1202d6d649e0cba61da9113227692b6b71e790
SHA256

97df0196f606ced16dcf6913758b1d709dd300b082f0a0a72809da7103445575
SHA512

003baccd68a80e1d79abf5d6611fb36e869aebde6073df77045486bd600b49fe3a4408b2bf48ea293635160d7196b5179ca9674488e15dd3572f4b4c9fbe928c
SSDEEP

49152:4gaq6iIjRcOd+O8y4N6ab9bkTayksNzorggT:/6JcOdhJM6+S7p8ggT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97df0196f606ced16dcf6913758b1d709dd300b082f0a0a72809da7103445575

Files

97df0196f606ced16dcf6913758b1d709dd300b082f0a0a72809da7103445575
.exe windows:6 windows x86 arch:x86

5e12bde8c9c1a3cbecde4a8fb9186460

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\HAD60-copy\bin\Release\MainWindow.pdb

Imports

mfc140u

ord12542

kernel32

InitializeCriticalSectionEx

user32

EnableWindow

advapi32

OpenProcessToken

shell32

SHGetMalloc

comctl32

InitCommonControlsEx

gcstartui

StartUI_Update

msvcp140

?_Xbad_alloc@std@@YAXXZ

hmi_upgradedatabase

??0CDatabaseUpgradeDlg@@QAE@PAVCWnd@@@Z

opencv_core_r

?copySize@Mat@cv246@@QAEXABV12@@Z

autocsd

?Get_CurMode2_stu@StationBase@@UAE_NXZ

hmi_usercontrol

??1CColorCheckbox@@UAE@XZ

planemove

?Get_Detect_Point_nums@CPlaneMove@@QAEXAAH@Z

chipfind

?IsEnableTAxis@CChipFind@@QAE_NXZ

wuz

?SetAlarm_Z@CWUZ@@QAEXXZ

chipfind_axishandwofer

?GetUnloadWaferCount@CChipFind_AxisHandWofer@@QAEFXZ

planemovestd

?ReBuildMaskMap@CPlaneMoveStd@@QAE_NXZ

calibration

?CheckStationHomeState@Calibration@@UAE_NXZ

unload

?ClearBoxIndex@CUnload@@QAEXF@Z

singledps

?SetDPSTemperature@CSingleDPS@@QAE_NXZ

icutility

?GetInstance@ICUDP@@SAPAV1@XZ

table

?DBD_Dtect_Isdone@CTable@@QAE_NXZ

gcftpclient

FTPClient_ShowDemoDlg

hmi-usersmanagement

?UpdateBtnEnable@CMyUserDll@@QAEXPAVCWnd@@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z

vminterface

?SetRunConfrimDisableWnd@VisionMotinInterface@@QAEXAAV?$vector@PAUHWND__@@V?$allocator@PAUHWND__@@@std@@@std@@@Z

hmi_recorddata

?GetInstance@CDlgRecordData@@SAPAV1@XZ

hmi_motorparam

??0CMotorParamMain@@QAE@PAVCWnd@@@Z

hmi_camcomparaset

?SetCurCamID@CCamParaMainDlg@@QAEXF@Z

hmi_pr_learning

?SetCurrentCamPrPara@CPrMainDlg@@QAEXAB_N@Z

hmi_wafermap

?InitDlg@CWaferMapDlg@@QAEXVCRect@@F@Z

hmi_axisposset

?HMISetWndShow@AxisPosMainDlg@@QAEX_N0@Z

hmi_io

??1CIOMainDlg@@UAE@XZ

hmi_processparam

?GetDlgName@CProcessParamMainDlg@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ

hmi_systemparam

?PreTranslateMessage@CSystemParamDlgUser@@MAEHPAUtagMSG@@@Z

hmi_holderprogram

?GetDlgName@CHPMainDlg@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ

hmi_manualdebug

?EnableJumpDlg@CManualDebugDlg@@QAEXF_N@Z

debuginfo

??1CDebugDlg@@UAE@XZ

hmi_chipfindprogram

?GetInstance@CChipFindProgramDlg@@SAPAV1@XZ

hmi_supplies

??1CSuppliesMainDlg@@UAE@XZ

hmi_systemparam_100

??0CSystemParam100Dlg@@QAE@PAVCWnd@@@Z

hmi_systemparam_pr

??0CSystemParamPRDlg@@QAE@PAVCWnd@@@Z

hmi_softreg

?UpdateLan@CSoftReg@@QAEXV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z

gcvirtualkeyboard

UninstallGCTouch

vcruntime140

__std_terminate

api-ms-win-crt-runtime-l1-1-0

_initterm

api-ms-win-crt-heap-l1-1-0

calloc

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-time-l1-1-0

wcsftime

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

?$TSS0@?6??GetCell@CGridCtrl@@QBEPAVCGridCellBase@@HH@Z@4HA
?$TSS1@?6??GetCell@CGridCtrl@@QBEPAVCGridCellBase@@HH@Z@4HA
??0CDataOperate@@QAE@ABV0@@Z
??0CProductData@@QAE@ABV0@@Z
??0CTable@@QAE@$$QAV0@@Z
??0CTable@@QAE@ABV0@@Z
??0Calibration@@QAE@ABV0@@Z
??0CoordinateCalculate@@QAE@ABV0@@Z
??0LTControl@@QAE@ABV0@@Z
??1CTable@@QAE@XZ
??4CDataOperate@@QAEAAV0@ABV0@@Z
??4CProductData@@QAEAAV0@ABV0@@Z
??4CTable@@QAEAAV0@$$QAV0@@Z
??4CTable@@QAEAAV0@ABV0@@Z
??4Calibration@@QAEAAV0@ABV0@@Z
??4CoordinateCalculate@@QAEAAV0@ABV0@@Z
??4LTControl@@QAEAAV0@ABV0@@Z
??_7CTable@@6B@
??_7Calibration@@6B@
??_8CTable@@7B@
??_8Calibration@@7B@
??_DCTable@@QAEXXZ
??_DCalibration@@QAEXXZ
??_FCGridCtrl@@QAEXXZ
?AllowReorderColumn@CGridCtrl@@QAEX_N@Z
?AllowSelectRowInFixedCol@CGridCtrl@@QAEX_N@Z
?EnableColumnHide@CGridCtrl@@QAEXH@Z
?EnableDragAndDrop@CGridCtrl@@QAEXH@Z
?EnableDragRowMode@CGridCtrl@@QAEX_N@Z
?EnableHiddenColUnhide@CGridCtrl@@QAEXH@Z
?EnableHiddenRowUnhide@CGridCtrl@@QAEXH@Z
?EnableRowHide@CGridCtrl@@QAEXH@Z
?EnableSelection@CGridCtrl@@QAEXH@Z
?EnableTitleTips@CGridCtrl@@QAEXH@Z
?EnableWysiwygPrinting@CGridCtrl@@QAEXH@Z
?EnsureVisible@CGridCtrl@@QAEXAAVCCellID@@@Z
?ForceQuitFocusOnTab@CGridCtrl@@QAEX_N@Z
?GetAllStationInfo@CDataOperate@@QAEXAAV?$vector@U_tagStationConfig@@V?$allocator@U_tagStationConfig@@@std@@@std@@@Z
?GetAutoSizeStyle@CGridCtrl@@QAEHXZ
?GetBackClr@CGridCell@@UBEKXZ
?GetBasPtrMap@CTable@@QAEAAV?$map@FPAVStationBase@@U?$less@F@std@@V?$allocator@U?$pair@$$CBFPAVStationBase@@@std@@@3@@std@@XZ
?GetBkColor@CGridCtrl@@QAEKXZ
?GetCallbackFunc@CGridCtrl@@QAEP6GHPAUtagGV_DISPINFO@@J@ZXZ
?GetCell@CGridCtrl@@QBEPAVCGridCellBase@@HH@Z
?GetCellTextExtent@CGridCtrl@@QAE?AVCSize@@HH@Z
?GetColumnCount@CGridCtrl@@QBEHXZ
?GetColumnHide@CGridCtrl@@QAEHXZ
?GetColumnResize@CGridCtrl@@QBEHXZ
?GetCupXVec@CoordinateCalculate@@QAEAAV?$vector@UIAPoint@@V?$allocator@UIAPoint@@@std@@@std@@XZ
?GetCupYVec@CoordinateCalculate@@QAEAAV?$vector@UIAPoint@@V?$allocator@UIAPoint@@@std@@@std@@XZ
?GetCurRouteChpDbdLinkMode@CProductData@@QBEHXZ
?GetCurRouteChpMode@CProductData@@QBEHXZ
?GetCurrentProductRouteNums@CProductData@@QAEHXZ
?GetCurrentRoute@CProductData@@QAEHXZ
?GetData@CGridCell@@UBEJXZ
?GetDefCellHeight@CGridCtrl@@QBEHXZ
?GetDefCellMargin@CGridCtrl@@QBEHXZ
?GetDefCellWidth@CGridCtrl@@QBEHXZ
?GetDefaultCell@CGridCtrl@@QBEPAVCGridCellBase@@HH@Z
?GetDoubleBuffering@CGridCtrl@@QBEHXZ
?GetDragAndDrop@CGridCtrl@@QBEHXZ
?GetEditWnd@CGridCell@@UBEPAVCWnd@@XZ
?GetFixedBkColor@CGridCtrl@@QBEKXZ
?GetFixedColumnCount@CGridCtrl@@QBEHXZ
?GetFixedColumnSelection@CGridCtrl@@QAEHXZ
?GetFixedRowCount@CGridCtrl@@QBEHXZ
?GetFixedRowSelection@CGridCtrl@@QAEHXZ
?GetFixedTextColor@CGridCtrl@@QBEKXZ
?GetFocusCell@CGridCtrl@@QBE?AVCCellID@@XZ
?GetFrameFocusCell@CGridCtrl@@QAEHXZ
?GetGrid@CGridCell@@UBEPAVCGridCtrl@@XZ
?GetGridBkColor@CGridCtrl@@QBEKXZ
?GetGridColor@CGridCtrl@@QAEKXZ
?GetGridLineColor@CGridCtrl@@QBEKXZ
?GetGridLines@CGridCtrl@@QBEHXZ
?GetHandleTabKey@CGridCtrl@@QBEHXZ
?GetHeaderSort@CGridCtrl@@QBEHXZ
?GetHiddenColUnhide@CGridCtrl@@QAEHXZ
?GetHiddenRowUnhide@CGridCtrl@@QAEHXZ
?GetImage@CGridCell@@UBEHXZ
?GetImageList@CGridCtrl@@QBEPAVCImageList@@XZ
?GetListMode@CGridCtrl@@QBEHXZ
?GetModulesEnable@CTable@@QAEJXZ
?GetMouseMode@CGridCtrl@@IBEHXZ
?GetProductName@CProductData@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetProductPath@CProductData@@QAEXAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetRowCount@CGridCtrl@@QBEHXZ
?GetRowHide@CGridCtrl@@QAEHXZ
?GetRowResize@CGridCtrl@@QBEHXZ
?GetSaveProductRouteNums@CProductData@@QBEHXZ
?GetSelectedCount@CGridCtrl@@QBEHXZ
?GetShadedPrintOut@CGridCtrl@@QAEHXZ
?GetSingleColSelection@CGridCtrl@@QAEHXZ
?GetSingleRowSelection@CGridCtrl@@QAEHXZ
?GetSortAscending@CGridCtrl@@QBEHXZ
?GetSortColumn@CGridCtrl@@QBEHXZ
?GetStationBasePtr@CTable@@QAEPAVStationBase@@W4_TB_STATION_ID@@@Z
?GetTableID@CTable@@QAEFXZ
?GetText@CGridCell@@UBEPB_WXZ
?GetTextBkColor@CGridCtrl@@QAEKXZ
?GetTextClr@CGridCell@@UBEKXZ
?GetTextColor@CGridCtrl@@QAEKXZ
?GetTitleTipBackClr@CGridCtrl@@QAEKXZ
?GetTitleTipTextClr@CGridCtrl@@QAEKXZ
?GetTitleTips@CGridCtrl@@QAEHXZ
?GetTrackFocusCell@CGridCtrl@@QAEHXZ
?GetVirtualMode@CGridCtrl@@QBEHXZ
?GetVirtualText@CGridCell@@UBEPB_WXZ
?GetWysiwygPrinting@CGridCtrl@@QAEHXZ
?IsDefaultFont@CGridCell@@UBEHXZ
?IsEditable@CGridCtrl@@QBEHXZ
?IsEditing@CGridCell@@UBEHXZ
?IsSelectable@CGridCtrl@@QBEHXZ
?IsSetCHP_WAFER_PN@CProductData@@QAE_NXZ
?IsVisibleHScroll@CGridCtrl@@IAEHXZ
?IsVisibleVScroll@CGridCtrl@@IAEHXZ
?Lock@CGCMapping001@@AAEXXZ
?OnBMGetcheck@CColorCheckbox@@IAEJIJ@Z
?OnBMSetcheck@CColorCheckbox@@IAEJIJ@Z
?SetAutoSizeStyle@CGridCtrl@@QAEXH@Z
?SetBackClr@CGridCell@@UAEXK@Z
?SetBackgroundColor@CColorCheckbox@@QAEXK@Z
?SetBackgroundColor@ColorCombox@@QAEXK@Z
?SetBkColor@CGridCtrl@@QAEXK@Z
?SetBold@CColorCheckbox@@QAEX_N@Z
?SetBold@CColorEdit@@QAEX_N@Z
?SetCHP_WAFER_PN@CProductData@@QAE_N_N@Z
?SetCallback@CGridCtrl@@QAEXP6AXHHPAX@Z0@Z
?SetCallbackFunc@CGridCtrl@@QAEXP6GHPAUtagGV_DISPINFO@@J@ZJ@Z
?SetCell@CGridCtrl@@IAEHHHPAVCGridCellBase@@@Z
?SetColumnResize@CGridCtrl@@QAEXH@Z
?SetCoords@CGridCell@@UAEXHH@Z
?SetCurRouteChpDbdLinkMode@CProductData@@QAEXH@Z
?SetCurRouteChpMode@CProductData@@QAEXH@Z
?SetData@CGridCell@@UAEXJ@Z
?SetDefCellHeight@CGridCtrl@@QAEXH@Z
?SetDefCellMargin@CGridCtrl@@QAEXH@Z
?SetDefCellWidth@CGridCtrl@@QAEXH@Z
?SetDoubleBuffering@CGridCtrl@@QAEXH@Z
?SetEditable@CGridCtrl@@QAEXH@Z
?SetFixedBkColor@CGridCtrl@@QAEXK@Z
?SetFixedColumnSelection@CGridCtrl@@QAEXH@Z
?SetFixedRowSelection@CGridCtrl@@QAEXH@Z
?SetFixedTextColor@CGridCtrl@@QAEXK@Z
?SetFormat@CGridCell@@UAEXK@Z
?SetFrameFocusCell@CGridCtrl@@QAEXH@Z
?SetGrid@CGridCell@@UAEXPAVCGridCtrl@@@Z
?SetGridBkColor@CGridCtrl@@QAEXK@Z
?SetGridColor@CGridCtrl@@QAEXK@Z
?SetGridLineColor@CGridCtrl@@QAEXK@Z
?SetHandleTabKey@CGridCtrl@@QAEXH@Z
?SetHeaderSort@CGridCtrl@@QAEXH@Z
?SetImage@CGridCell@@UAEXH@Z
?SetImageList@CGridCtrl@@QAEXPAVCImageList@@@Z
?SetManualStationAxisHome@CTable@@QAEXPAVStationBase@@F@Z
?SetMargin@CGridCell@@UAEXI@Z
?SetMargins@CXColorStatic@@QAEXHH@Z
?SetMouseMode@CGridCtrl@@IAEHH@Z
?SetProductName@CProductData@@QAEXV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?SetRowResize@CGridCtrl@@QAEXH@Z
?SetSaveProductRouteNums@CProductData@@QAEXH@Z
?SetShadedPrintOut@CGridCtrl@@QAEXH@Z
?SetSingleColSelection@CGridCtrl@@QAEXH@Z
?SetSingleRowSelection@CGridCtrl@@QAEXH@Z
?SetSortAscending@CGridCtrl@@QAEXH@Z
?SetTableID@CTable@@QAEXF@Z
?SetText@CGridCell@@UAEXPB_W@Z
?SetTextBkColor@CGridCtrl@@QAEXK@Z
?SetTextClr@CGridCell@@UAEXK@Z
?SetTextColor@CColorCheckbox@@QAEXK@Z
?SetTextColor@CGridCtrl@@QAEXK@Z
?SetTextColor@ColorCombox@@QAEXK@Z
?SetTextSize@CColorCheckbox@@QAEXH@Z
?SetTextSize@CColorEdit@@QAEXH@Z
?SetTextSize@ColorCombox@@QAEXH@Z
?SetTitleTipBackClr@CGridCtrl@@QAEXK@Z
?SetTitleTipTextClr@CGridCtrl@@QAEXK@Z
?SetTrackFocusCell@CGridCtrl@@QAEXH@Z
?SetUseRouteRankBasePointMode@CProductData@@QAEXH@Z
?SetVirtualCompare@CGridCtrl@@QAEXP6A_NHH@Z@Z
?SetVirtualText@CGridCell@@UAEXPB_W@Z
?Unlock@CGCMapping001@@AAEXXZ
?cell@?6??GetCell@CGridCtrl@@QBEPAVCGridCellBase@@HH@Z@4VCGridCell@@A
?gvdi@?6??GetCell@CGridCtrl@@QBEPAVCGridCellBase@@HH@Z@4UtagGV_DISPINFO@@A
?lt_GetLastLightBrightness@LTControl@@QAEKF@Z
?lt_GetLastTemperature@LTControl@@QAENF@Z

Sections

.text
Size: 301KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e12bde8c9c1a3cbecde4a8fb9186460

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc140u

kernel32

user32

advapi32

shell32

comctl32

gcstartui

msvcp140

hmi_upgradedatabase

opencv_core_r

autocsd

hmi_usercontrol

planemove

chipfind

wuz

chipfind_axishandwofer

planemovestd

calibration

unload

singledps

icutility

table

gcftpclient

hmi-usersmanagement

vminterface

hmi_recorddata

hmi_motorparam

hmi_camcomparaset

hmi_pr_learning

hmi_wafermap

hmi_axisposset

hmi_io

hmi_processparam

hmi_systemparam

hmi_holderprogram

hmi_manualdebug

debuginfo

hmi_chipfindprogram

hmi_supplies

hmi_systemparam_100

hmi_systemparam_pr

hmi_softreg

gcvirtualkeyboard

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 301KB - Virtual size: 7.5MB

.sedata Size: 1.6MB - Virtual size: 1.6MB

.idata Size: 5KB - Virtual size: 8KB

.rsrc Size: 38KB - Virtual size: 40KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 301KB - Virtual size: 7.5MB

.sedata
Size: 1.6MB - Virtual size: 1.6MB

.idata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 38KB - Virtual size: 40KB

.sedata
Size: 4KB - Virtual size: 4KB