191d416721fb081ec3ac487e73fb8c95a2230197b92d7159e96e863bcec988e2

Sharing

Copy URL Twitter E-mail

General

Target

191d416721fb081ec3ac487e73fb8c95a2230197b92d7159e96e863bcec988e2
Size

134KB
MD5

92ecf0bd71d83bce2c6b8ee9f0757e10
SHA1

f650f549f336d07a85c0cffbde007ae5ee6fcc76
SHA256

191d416721fb081ec3ac487e73fb8c95a2230197b92d7159e96e863bcec988e2
SHA512

5019be4cbefdfcdb7c45d657ec3a6291dc3573becba7fc425974ac1468aa67e752c11704b51eab0128eba52397ece667e239b6d547c6a7f5c466981b19451651
SSDEEP

3072:ZfomR+DPHlfbBe1dvo7MGOR9QA1l7zbs6nqTXfdGPQ4ZGr:ZAmRefVvpOR9Vb73hi4PQ4wr

Score

N/A

Malware Config

Signatures

Files

191d416721fb081ec3ac487e73fb8c95a2230197b92d7159e96e863bcec988e2
.exe windows x86

cf98f14168e067c62c3615bce200ac74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUserW
WNetAddConnection3W
WNetPropertyDialogA
WNetGetProviderTypeA
WNetEnumResourceA
WNetGetResourceParentW
WNetGetConnection3A
WNetOpenEnumW
WNetGetResourceInformationW
WNetCancelConnection2W
WNetAddConnectionA
WNetUseConnectionW
WNetGetNetworkInformationA
WNetGetPropertyTextA
WNetGetNetworkInformationW
WNetGetProviderTypeW
MultinetGetConnectionPerformanceW
I_MprSaveConn
WNetGetConnection2A
WNetSupportGlobalEnum
WNetGetDirectoryTypeA
WNetOpenEnumA
WNetPropertyDialogW
WNetGetHomeDirectoryW
WNetSetLastErrorW
WNetGetUniversalNameW
WNetSetLastErrorA

ifsutil

?QueryDisjointRange@NUMBER_SET@@QBEXKPAVBIG_INT@@0@Z
?QueryVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?SendSonyMSRequestSenseCmd@DP_DRIVE@@QAEEPAU_SENSE_DATA@@@Z
?QueryParentsWithChildren@DIGRAPH@@QBEEPAVNUMBER_SET@@K@Z
?Lock@IO_DP_DRIVE@@QAEEXZ
??1NUMBER_SET@@UAE@XZ
?Pop@INTSTACK@@QAEXK@Z
?InvalidateVolume@IO_DP_DRIVE@@QAEEXZ
?GetCannedSecurity@IFS_SYSTEM@@SGPAVCANNED_SECURITY@@XZ
?RemoveAll@SPARSE_SET@@QAEEXZ
?SendSonyMSInquiryCmd@DP_DRIVE@@QAEEPAUSONY_MS_INQUIRY_DATA@@@Z
?CheckValidSecurityDescriptor@IFS_SYSTEM@@SGEKPAU_SECURITY_DESCRIPTOR@@@Z
?DiskCopyMainLoop@@YGHPBVWSTRING@@000EPAVMESSAGE@@1@Z
?WriteToFile@IFS_SYSTEM@@SGEPBVWSTRING@@PAXKE@Z
??1DIGRAPH@@UAE@XZ
?Initialize@DP_DRIVE@@QAEEPBVWSTRING@@PAVMESSAGE@@EEG@Z
?DismountVolume@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?Initialize@SPARSE_SET@@QAEEXZ
?CloseDriveHandle@DP_DRIVE@@QAEXXZ

crtdll

_mbsspnp
_CIcos
_mbctolower
printf
_statusfp
qsort
_chgsign
localeconv
_gcvt
atan2
_CIlog
iswlower
_mbsnbset
_rotr
_sopen
rename
fwprintf
_CIpow
_isctype
div
free

kernel32

LoadLibraryA
SearchPathW
VDMConsoleOperation
GetStartupInfoA
GetWriteWatch
InitializeCriticalSectionAndSpinCount
FlushViewOfFile
HeapCreate
GetNamedPipeHandleStateA
_llseek
GetThreadContext
FreeLibrary
CreateMutexA
CreateThread

sqlunirl

_ReplaceText_@4
_OpenDesktop_@16
_AddFontResource_@4
_CallNamedPipe_@28
_RegOpenKeyEx_@20
_ClearEventLog_@8
_OemToChar_@8
_QueryServiceConfig_@16
_RegQueryInfoKey_@48
_VkKeyScan_@4
_LookupAccountName_@28
_GetDefaultCommConfig_@12
_GlobalAddAtom_@4
_BackupEventLog_@8
_CreateEvent_@16
_GetWindowLong@8
_SetMenuItemInfo_@16
_GetModuleFileName@12
_ExpandEnvironmentStrings_@12
_DeviceCapabilities_@20

scrrun

DllRegisterServer
DLLGetDocumentation

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf98f14168e067c62c3615bce200ac74

Headers

File Characteristics

Imports

mpr

ifsutil

crtdll

kernel32

sqlunirl

scrrun

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB