4405ad1d0b4f13aecf6ef68214eea78ce3bcc0823ad8d140c8fbf91ea860ffd2

Sharing

Copy URL Twitter E-mail

General

Target

4405ad1d0b4f13aecf6ef68214eea78ce3bcc0823ad8d140c8fbf91ea860ffd2
Size

134KB
MD5

6d95238e300869060b1ec26ecbe2dbef
SHA1

16b99d4428610d368e28857581e563af3326fac4
SHA256

4405ad1d0b4f13aecf6ef68214eea78ce3bcc0823ad8d140c8fbf91ea860ffd2
SHA512

3ca0010bf6dc7a553b53dd7306a142bc6b3e74e9da54219c551a88f72a1a4a2c8ec9a4ad2b0954f8d6ca5324b50544cc48b9af0a51a46a18e0ff26c24b82604f
SSDEEP

3072:ZfomR+DPHlfbBe1dvo7MGOR9QA1l7zbs6nqTXfdGPQ4Zc:ZAmRefVvpOR9Vb73hi4PQ4m

Score

N/A

Malware Config

Signatures

Files

4405ad1d0b4f13aecf6ef68214eea78ce3bcc0823ad8d140c8fbf91ea860ffd2
.exe windows x86

cf98f14168e067c62c3615bce200ac74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUserW
WNetAddConnection3W
WNetPropertyDialogA
WNetGetProviderTypeA
WNetEnumResourceA
WNetGetResourceParentW
WNetGetConnection3A
WNetOpenEnumW
WNetGetResourceInformationW
WNetCancelConnection2W
WNetAddConnectionA
WNetUseConnectionW
WNetGetNetworkInformationA
WNetGetPropertyTextA
WNetGetNetworkInformationW
WNetGetProviderTypeW
MultinetGetConnectionPerformanceW
I_MprSaveConn
WNetGetConnection2A
WNetSupportGlobalEnum
WNetGetDirectoryTypeA
WNetOpenEnumA
WNetPropertyDialogW
WNetGetHomeDirectoryW
WNetSetLastErrorW
WNetGetUniversalNameW
WNetSetLastErrorA

ifsutil

?QueryDisjointRange@NUMBER_SET@@QBEXKPAVBIG_INT@@0@Z
?QueryVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?SendSonyMSRequestSenseCmd@DP_DRIVE@@QAEEPAU_SENSE_DATA@@@Z
?QueryParentsWithChildren@DIGRAPH@@QBEEPAVNUMBER_SET@@K@Z
?Lock@IO_DP_DRIVE@@QAEEXZ
??1NUMBER_SET@@UAE@XZ
?Pop@INTSTACK@@QAEXK@Z
?InvalidateVolume@IO_DP_DRIVE@@QAEEXZ
?GetCannedSecurity@IFS_SYSTEM@@SGPAVCANNED_SECURITY@@XZ
?RemoveAll@SPARSE_SET@@QAEEXZ
?SendSonyMSInquiryCmd@DP_DRIVE@@QAEEPAUSONY_MS_INQUIRY_DATA@@@Z
?CheckValidSecurityDescriptor@IFS_SYSTEM@@SGEKPAU_SECURITY_DESCRIPTOR@@@Z
?DiskCopyMainLoop@@YGHPBVWSTRING@@000EPAVMESSAGE@@1@Z
?WriteToFile@IFS_SYSTEM@@SGEPBVWSTRING@@PAXKE@Z
??1DIGRAPH@@UAE@XZ
?Initialize@DP_DRIVE@@QAEEPBVWSTRING@@PAVMESSAGE@@EEG@Z
?DismountVolume@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?Initialize@SPARSE_SET@@QAEEXZ
?CloseDriveHandle@DP_DRIVE@@QAEXXZ

crtdll

_mbsspnp
_CIcos
_mbctolower
printf
_statusfp
qsort
_chgsign
localeconv
_gcvt
atan2
_CIlog
iswlower
_mbsnbset
_rotr
_sopen
rename
fwprintf
_CIpow
_isctype
div
free

kernel32

LoadLibraryA
SearchPathW
VDMConsoleOperation
GetStartupInfoA
GetWriteWatch
InitializeCriticalSectionAndSpinCount
FlushViewOfFile
HeapCreate
GetNamedPipeHandleStateA
_llseek
GetThreadContext
FreeLibrary
CreateMutexA
CreateThread

sqlunirl

_ReplaceText_@4
_OpenDesktop_@16
_AddFontResource_@4
_CallNamedPipe_@28
_RegOpenKeyEx_@20
_ClearEventLog_@8
_OemToChar_@8
_QueryServiceConfig_@16
_RegQueryInfoKey_@48
_VkKeyScan_@4
_LookupAccountName_@28
_GetDefaultCommConfig_@12
_GlobalAddAtom_@4
_BackupEventLog_@8
_CreateEvent_@16
_GetWindowLong@8
_SetMenuItemInfo_@16
_GetModuleFileName@12
_ExpandEnvironmentStrings_@12
_DeviceCapabilities_@20

scrrun

DllRegisterServer
DLLGetDocumentation

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf98f14168e067c62c3615bce200ac74

Headers

File Characteristics

Imports

mpr

ifsutil

crtdll

kernel32

sqlunirl

scrrun

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB