VirusShare-0145d775512c6d51ead5a6a62223d297

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-0145d775512c6d51ead5a6a62223d297
Size

15KB
MD5

0145d775512c6d51ead5a6a62223d297
SHA1

7bc61b176c2a4b3ce12e286c46b26dc6323b4482
SHA256

30ae63482513119d098b9f4cfcbf5ca9087e788fe0065ac41c1b5b42ba51bc9d
SHA512

e846da91a3c5613a1c2585bac0313d16e3cdbb832bc770c2e99ae7e196f57da8fba0b21be16cd6a17c2472796164a2a811c88a2a589d8b1f6bb103d8da6eb6b9
SSDEEP

384:QYx/7qtqZUIm5RdFk2gSGBJJVeQYAORWWPV:QYx/7IqZUlpifdVaRB9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-0145d775512c6d51ead5a6a62223d297

Files

VirusShare-0145d775512c6d51ead5a6a62223d297
.dll windows:1 windows x86 arch:x86

3c70bd5afd4903abe8c548fbad5dc13a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
htonl
htons
inet_ntoa
listen
recv
select
send
socket

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

shell32

ShellExecuteA

kernel32

ExitProcess
GetEnvironmentStringsA
CloseHandle
GetSystemDirectoryA
GetTickCount
OpenMutexA
RtlUnwind
CreateMutexA
Sleep
CreateThread
DeleteFileA

user32

SetTimer
KillTimer
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
CreateWindowExA
DestroyWindow
DefWindowProcA

gdi32

GetStockObject

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

crtdll

_fdopen
_itoa
_open_osfhandle
atoi
fclose
fopen
fwrite
_cexit
malloc
memcpy
memmove
printf
raise
rand
setbuf
sprintf
srand
strcat
strcpy
strncmp
strncpy
strstr
strtok

Exports

Exports

LibMain
_LibMain@12
load

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 368B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 964B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 652B - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 112B - Virtual size: 112B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c70bd5afd4903abe8c548fbad5dc13a

Headers

File Characteristics

Imports

wsock32

wininet

shell32

kernel32

user32

gdi32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.bss Size: - Virtual size: 368B

.data Size: 964B - Virtual size: 964B

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 652B - Virtual size: 652B

.edata Size: 112B - Virtual size: 112B

.text
Size: 7KB - Virtual size: 7KB

.bss
Size: - Virtual size: 368B

.data
Size: 964B - Virtual size: 964B

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 652B - Virtual size: 652B

.edata
Size: 112B - Virtual size: 112B