320b745ef0610b0d529bcb89cb88be4bc7d467928b0b1a626d6ac14bb090f6b1

Sharing

Copy URL Twitter E-mail

General

Target

320b745ef0610b0d529bcb89cb88be4bc7d467928b0b1a626d6ac14bb090f6b1
Size

134KB
MD5

21cec50bb319ba467aed3a4ee15731c0
SHA1

01afdc03fa0331359e6e6da0ed16d8c09a958296
SHA256

320b745ef0610b0d529bcb89cb88be4bc7d467928b0b1a626d6ac14bb090f6b1
SHA512

aaeb17f56674f5a818e4168f7fba9e06e3f47addce7c40db06df23307a23da4595fef3aabeede24c05af6c025795db70de28928a69bf383cbda1b7845cc5bd74
SSDEEP

3072:ZfomR+DPHlfbBe1dvo7MGOR9QA1l7zbs6nqTXfdGPQ4Z+P:ZAmRefVvpOR9Vb73hi4PQ4O

Score

N/A

Malware Config

Signatures

Files

320b745ef0610b0d529bcb89cb88be4bc7d467928b0b1a626d6ac14bb090f6b1
.exe windows x86

cf98f14168e067c62c3615bce200ac74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUserW
WNetAddConnection3W
WNetPropertyDialogA
WNetGetProviderTypeA
WNetEnumResourceA
WNetGetResourceParentW
WNetGetConnection3A
WNetOpenEnumW
WNetGetResourceInformationW
WNetCancelConnection2W
WNetAddConnectionA
WNetUseConnectionW
WNetGetNetworkInformationA
WNetGetPropertyTextA
WNetGetNetworkInformationW
WNetGetProviderTypeW
MultinetGetConnectionPerformanceW
I_MprSaveConn
WNetGetConnection2A
WNetSupportGlobalEnum
WNetGetDirectoryTypeA
WNetOpenEnumA
WNetPropertyDialogW
WNetGetHomeDirectoryW
WNetSetLastErrorW
WNetGetUniversalNameW
WNetSetLastErrorA

ifsutil

?QueryDisjointRange@NUMBER_SET@@QBEXKPAVBIG_INT@@0@Z
?QueryVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?SendSonyMSRequestSenseCmd@DP_DRIVE@@QAEEPAU_SENSE_DATA@@@Z
?QueryParentsWithChildren@DIGRAPH@@QBEEPAVNUMBER_SET@@K@Z
?Lock@IO_DP_DRIVE@@QAEEXZ
??1NUMBER_SET@@UAE@XZ
?Pop@INTSTACK@@QAEXK@Z
?InvalidateVolume@IO_DP_DRIVE@@QAEEXZ
?GetCannedSecurity@IFS_SYSTEM@@SGPAVCANNED_SECURITY@@XZ
?RemoveAll@SPARSE_SET@@QAEEXZ
?SendSonyMSInquiryCmd@DP_DRIVE@@QAEEPAUSONY_MS_INQUIRY_DATA@@@Z
?CheckValidSecurityDescriptor@IFS_SYSTEM@@SGEKPAU_SECURITY_DESCRIPTOR@@@Z
?DiskCopyMainLoop@@YGHPBVWSTRING@@000EPAVMESSAGE@@1@Z
?WriteToFile@IFS_SYSTEM@@SGEPBVWSTRING@@PAXKE@Z
??1DIGRAPH@@UAE@XZ
?Initialize@DP_DRIVE@@QAEEPBVWSTRING@@PAVMESSAGE@@EEG@Z
?DismountVolume@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?Initialize@SPARSE_SET@@QAEEXZ
?CloseDriveHandle@DP_DRIVE@@QAEXXZ

crtdll

_mbsspnp
_CIcos
_mbctolower
printf
_statusfp
qsort
_chgsign
localeconv
_gcvt
atan2
_CIlog
iswlower
_mbsnbset
_rotr
_sopen
rename
fwprintf
_CIpow
_isctype
div
free

kernel32

LoadLibraryA
SearchPathW
VDMConsoleOperation
GetStartupInfoA
GetWriteWatch
InitializeCriticalSectionAndSpinCount
FlushViewOfFile
HeapCreate
GetNamedPipeHandleStateA
_llseek
GetThreadContext
FreeLibrary
CreateMutexA
CreateThread

sqlunirl

_ReplaceText_@4
_OpenDesktop_@16
_AddFontResource_@4
_CallNamedPipe_@28
_RegOpenKeyEx_@20
_ClearEventLog_@8
_OemToChar_@8
_QueryServiceConfig_@16
_RegQueryInfoKey_@48
_VkKeyScan_@4
_LookupAccountName_@28
_GetDefaultCommConfig_@12
_GlobalAddAtom_@4
_BackupEventLog_@8
_CreateEvent_@16
_GetWindowLong@8
_SetMenuItemInfo_@16
_GetModuleFileName@12
_ExpandEnvironmentStrings_@12
_DeviceCapabilities_@20

scrrun

DllRegisterServer
DLLGetDocumentation

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf98f14168e067c62c3615bce200ac74

Headers

File Characteristics

Imports

mpr

ifsutil

crtdll

kernel32

sqlunirl

scrrun

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB