Behavioral task: behavioral1
Sample: VirusShare-0117de4d0d8856ec908bbac716953ac3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: VirusShare-0117de4d0d8856ec908bbac716953ac3.exe
Resource: win10v2004-20231215-en
General
Target: VirusShare-0117de4d0d8856ec908bbac716953ac3
Size: 110KB
MD5: 0117de4d0d8856ec908bbac716953ac3
SHA1: 43c6abd0f56fb3285fc8d8400c029a6fa1517c32
SHA256: 53a49c6fd91efd65d4bdebf8e32a816056cd8016ee607787d53097616b0b37be
SHA512: 536e5eebf4a12779339752d3f932a18a3bd25d58e98fb9e9562d5551c106179d75bac38104083ed2ea071a19145d9034e72ccaa80a42588e65a01e44f4646b1f
SSDEEP: 768:CkLN/xnh1oej1JWkEg38iLsolUrqL7bcxJCoDhyRRrmpkSUhhKTupbQso1bb1mba:CI/GQ1ItgxLso5cxX8aMQsQP9FEzR3k
Malware Config
Signatures
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare-0117de4d0d8856ec908bbac716953ac3
Files
VirusShare-0117de4d0d8856ec908bbac716953ac3.exe windows:4 windows x86 arch:x86
bae37cf2a88260d9ea8dcc657366cc64
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GetCommandLineA
GetModuleHandleA
SetCurrentDirectoryA
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetTempPathA
RemoveDirectoryA
Sleep
CreateMutexA
FindResourceA
LoadResource
LockResource
FreeResource
lstrcmpiA
GetVolumeInformationA
GetComputerNameA
MultiByteToWideChar
GetTimeZoneInformation
GetSystemTime
LocalFree
FormatMessageA
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
TerminateProcess
WaitForSingleObject
OpenProcess
WideCharToMultiByte
HeapFree
SetLastError
HeapAlloc
DeviceIoControl
GetLastError
CreateFileA
GetShortPathNameA
GetModuleFileNameA
SetPriorityClass
GetCurrentProcess
GetVersionExA
DeleteFileA
GetFileAttributesA
CreateDirectoryA
CreateProcessA
MoveFileExA
CopyFileA
advapi32
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegSetValueExA
SetNamedSecurityInfoA
iphlpapi
GetAdaptersInfo
mfc42
msvcp60
??0out_of_range@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
msvcrt
_controlfp
_except_handler3
_unlink
sprintf
??2@YAPAXI@Z
__CxxFrameHandler
free
strcat
strcpy
realloc
_vsnprintf
memset
malloc
strlen
??0exception@@QAE@ABV0@@Z
_CxxThrowException
strrchr
strncpy
vsprintf
fflush
fclose
fwrite
printf
fopen
strncat
_snprintf
isalnum
strncmp
_stricmp
strtok
strcmp
strstr
atoi
toupper
strtol
memcpy
time
_itoa
exit
__p___argv
__p___argc
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
ole32
CoCreateInstance
oleaut32
shell32
ShellExecuteA
SHGetSpecialFolderPathA
shlwapi
SHDeleteValueA
PathAppendA
PathIsDirectoryA
PathRemoveFileSpecA
SHDeleteKeyA
PathGetArgsA
PathFileExistsA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
SHSetValueA
SHGetValueA
user32
PostMessageA
FindWindowExA
GetWindowThreadProcessId
RegisterWindowMessageA
SendMessageTimeoutA
wsprintfA
GetDesktopWindow
MessageBoxA
FindWindowA
GetWindowTextA
GetWindow
EnumWindows
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
wininet
InternetGetConnectedState
InternetCrackUrlA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
Sections
UPX0 Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.avp Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE