574e9d472f0de4aab353f813130f46e4bff84717f6899affa85b197642ab831b

Sharing

Copy URL Twitter E-mail

General

Target

574e9d472f0de4aab353f813130f46e4bff84717f6899affa85b197642ab831b
Size

430KB
MD5

62148659e63164f0ca364dca91a879cd
SHA1

bdf513d1a7f81ef14c15ae41ba00daa693603081
SHA256

574e9d472f0de4aab353f813130f46e4bff84717f6899affa85b197642ab831b
SHA512

694ee7a5d35c2f19d6195431c03ec722b770f3c08e80c3cab953830612c16d2e5e878b940cde315265597604764304cfec864b65405b17b70500b8fc2a27e1cb
SSDEEP

12288:Jp0n4Vn1gCMR+DUHZpianeYtDmtUVeK4mYG:JpLn1vDU5p5eYRRVR4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
574e9d472f0de4aab353f813130f46e4bff84717f6899affa85b197642ab831b

Files

574e9d472f0de4aab353f813130f46e4bff84717f6899affa85b197642ab831b
.exe windows:6 windows x86 arch:x86

7e4618b7894b1bf1809863d7f8f0d6b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\1-BodorThinkerSourceCode\BodorThinker5.0-10KW\Src\task\TaskController\Release\Win32\v142\TaskController.pdb

Imports

dynamicmotionproxy

GetCoderPoints
SetCoderFeedbackState
GetInterpPoints
IsUpdatedVersion
GetStatus
CanSendDecodeCmd
SendDecodeCmd
SendContrlCmd
GetError
ClearError
Reset
ClearCmdCache
Uninitialize
Initialize
FreeDllPath
SetDllPath

motalgolib

MotGetLineRatio
MotGetLinePos
MotGetLineLength
MotGetLineMinDist
motSetCornerGain
motSetCircleGain
motSetPosition
motAddTraverse
motAddLine
motAddCircle
motRunMotion
motIsDone
motIsQueueFull
motGetTimeByDist_1
motSetMaxCornerError
motSetGxxAccTime
motSetGxxMaxAcc
motSetGxxMaxVel
motSetG00AccTime
motSetG00MaxAcc
motSetG00MaxVel
motSetFilter
motSetFineCycleTime
MotGetArcRatio
MotGetArcPos
MotGetArcLength
MotGetArcMinDist
motCreateQueue
motInitQueue
motClearQueue
motSetAlgoType
motSetRoughCycleTime
motSetMaxCurveError

motionproxy

?GetError@MotionProxy@@YAIXZ
?SendContrlCmd@MotionProxy@@YAXAAUMotCommand@@@Z
?GetStatus@MotionProxy@@YAXPAUMotStatus@@@Z
?WaitForResponse@MotionProxy@@YA_NH@Z
?ResetResponse@MotionProxy@@YAXH@Z
?SetCoderFeedbackState@MotionProxy@@YAX_N@Z

rs274ngc

?set_sub_path@InterpIntf@@QAEHPAD@Z
?set_length_units@InterpIntf@@QAEXH@Z
?set_coordinate_index@InterpIntf@@QAEHH@Z
?set_start_point@InterpIntf@@QAEHPAUCANON_POSITION@@@Z
?set_axis_position@InterpIntf@@QAEXPAUCANON_POSITION@@@Z
?set_rotation_flag@InterpIntf@@QAEX_N@Z
?set_rotation@InterpIntf@@QAEXN@Z
?set_global_params_fun@InterpIntf@@QAEXP6APAU_VE_Variable@@PAD@Z@Z
?set_global_param_address@InterpIntf@@QAEXPAE@Z
?synch@InterpIntf@@QAEHXZ
?set_softlimit@InterpIntf@@QAEXPAUCNC_AXIS_PARAMS@@@Z
?get_sync_switch@InterpIntf@@QAE_NXZ
?read@InterpIntf@@QAEHPBD@Z
?open@InterpIntf@@QAEHPBD@Z
?init@InterpIntf@@QAEHXZ
?execute@InterpIntf@@QAEHPBD@Z
?close@InterpIntf@@QAEHXZ
??1InterpIntf@@QAE@XZ
??0InterpIntf@@QAE@XZ
?len@CNC_INTERP_LIST@@QAEHXZ
?get_rotation@InterpIntf@@QAENXZ
?clear@CNC_INTERP_LIST@@QAEXXZ
?get@CNC_INTERP_LIST@@QAEPAVInterpMsg@@XZ
?set_coordinate_offsets@InterpIntf@@QAEXPAUCNC_COORDINATE_OFFSET@@@Z
?set_slag_removal_flag@InterpIntf@@QAEXU_SlagRemoval@@H@Z
?set_scan_cut_flag@InterpIntf@@QAEX_NH@Z

techmanager

?SetResumeCutTraj@TechniceIntf@@QAEX_N@Z
?SetTraversePos@TechniceIntf@@QAEXNN@Z
?GenerateMCode@TechniceIntf@@QAE?AW4RETURN_VALUE@@W4FUNCTION@@PAU_MCode@@@Z
?SetCurrentLayerId@TechniceIntf@@QAE?AW4RETURN_VALUE@@H@Z
?QueryMCodeProcessStepInfo@TechniceIntf@@QAEXU_MCode@@PAW4PROCESS_SETP@@@Z
?QueryMCodeFlyModeInfo@TechniceIntf@@QAEXU_MCode@@PAH@Z
?QueryCutSpeedInfo@TechniceIntf@@QAE?AW4RETURN_VALUE@@U_MCode@@PAN@Z
?QueryMCodeCuttingInfo@TechniceIntf@@QAEXU_MCode@@PAU_MCodeCutInfo@@@Z
?Synch@TechniceIntf@@QAEXW4GAS_TYPE@@@Z
?Reset@TechniceIntf@@QAEXXZ
??0TechniceIntf@@QAE@XZ
??1TechniceIntf@@QAE@XZ
?SetOutsidecutPos@TechniceIntf@@QAEXNN@Z
?Init@TechniceIntf@@QAE?AW4RETURN_VALUE@@PAU_Parameters@@PAU_MachineConfig@@@Z
?QueryMCodeEdgingInfo@TechniceIntf@@QAEXU_MCode@@PAH@Z
?SetCurPosZ@TechniceIntf@@QAEXN@Z
?SetEgeZLatchPosComp@TechniceIntf@@QAEXN@Z
?ResetCurTrajType@TechniceIntf@@QAEXXZ
?SetLengthUnit@TechniceIntf@@QAEXH@Z
?GetMcode@TechniceIntf@@QAE?AW4RETURN_VALUE@@U_MCode@@PAV?$list@U_MiddleMotCommand@@V?$allocator@U_MiddleMotCommand@@@std@@@std@@@Z

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvcp140

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xinvalid_argument@std@@YAXPBD@Z
_Cnd_broadcast
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Syserror_map@std@@YAPBDH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
_Cnd_signal
_Cnd_wait
_Mtx_unlock
_Mtx_lock
_Thrd_detach
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z

kernel32

GetStdHandle
Process32NextW
Process32FirstW
GetCurrentProcess
lstrcmpiW
OpenProcess
OpenEventW
SetEvent
GetCurrentThread
SetPriorityClass
GetConsoleMode
SetConsoleMode
SetConsoleCtrlHandler
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
CreateToolhelp32Snapshot
GetProcAddress
QueryPerformanceFrequency
GetModuleFileNameW
GetModuleFileNameA
GetEnvironmentVariableW
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileIntW
GetTickCount64
GetCurrentProcessId
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
SetThreadPriority
CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
GetLastError
CloseHandle
WriteFile
GetLocalTime
Sleep
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent

vcruntime140

_except_handler4_common
__current_exception_context
__current_exception
strchr
_purecall
strstr
strrchr
memchr
memmove
__std_exception_copy
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_get_initial_narrow_environment
_invalid_parameter_noinfo
_errno
_initialize_narrow_environment
_configure_narrow_argv
_exit
_set_app_type
_seh_filter_exe
__p___argc
__p___argv
_cexit
_c_exit
terminate
_beginthreadex
_register_thread_local_exe_atexit_callback
_controlfp_s
exit
_crt_atexit
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
fread
__p__commode
__stdio_common_vfwprintf
fgetpos
fputc
fsetpos
_fseeki64
setvbuf
ungetc
fopen
__stdio_common_vsprintf
_get_stream_buffer_pointers
fwrite
__acrt_iob_func
__stdio_common_vfprintf
fseek
_set_fmode
fopen_s
fread_s
ferror
ftell
__stdio_common_vsnprintf_s
__stdio_common_vsscanf
fclose
fflush
fgetc

api-ms-win-crt-math-l1-1-0

_libm_sse2_asin_precise
_libm_sse2_pow_precise
__setusermatherr
_libm_sse2_acos_precise
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_cos_precise
_CIatan2

api-ms-win-crt-string-l1-1-0

strcpy_s
isdigit
isspace
isalpha
strncmp

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file
_access
_mkdir
remove

api-ms-win-crt-convert-l1-1-0

strtod
atoi
strtol

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e4618b7894b1bf1809863d7f8f0d6b4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dynamicmotionproxy

motalgolib

motionproxy

rs274ngc

techmanager

version

msvcp140

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 2KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 2KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 17KB - Virtual size: 17KB