VirusShare-014c417491f25c29f5d742c1fe385156

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-014c417491f25c29f5d742c1fe385156
Size

60KB
MD5

014c417491f25c29f5d742c1fe385156
SHA1

1268544f3c62f00c849f74cc2af44fce8452b414
SHA256

4e23dbd55796d03bf2bbd84c4f3a453fa9b550e13b483bf259e756f77638bdb9
SHA512

38f71afea1045a520ba54867983bebfb8e01c8e15d25efa26b233c282bd9c937cbaa809c1ef8c9eb6d78ebbc39f0619745201dd2e74f9a7fd3fe4c43d8deeded
SSDEEP

768:bXYwtp/2B54abZHxdWv+qOyLO4rzCfnEJhNojuEfV70jjH+SGDovxy1peY1WVr4:bIi+HRW2N4ksCXWH+ZoeF9Vu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-014c417491f25c29f5d742c1fe385156

Files

VirusShare-014c417491f25c29f5d742c1fe385156
.exe windows:4 windows x86 arch:x86

c579b9b12cf028d8cf9d8a45ba344f22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
CreateProcessA
CreateFileA
GetTempFileNameA
GetTempPathA
GetModuleHandleA
SystemTimeToFileTime
GetSystemTime
GetVolumeInformationA
GetWindowsDirectoryA
lstrcmpiA
WriteFile
LCMapStringW
LCMapStringA
ReadFile
FindClose
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
GetLastError
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
RemoveDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
GetCurrentDirectoryA
Sleep
FindFirstFileA
CreateDirectoryA
CopyFileA
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
ExitProcess
FlushFileBuffers

user32

SendMessageA
MoveWindow
GetSystemMetrics
GetWindowRect
FindWindowA
GetDlgItem
MessageBoxA
DialogBoxParamA
SetWindowTextA
PostMessageA
EndDialog
DefWindowProcA
SystemParametersInfoA
KillTimer
PostQuitMessage
CreateWindowExA
SetTimer
LoadIconA
LoadCursorA
RegisterClassExA
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteA

wininet

InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetQueryOptionA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c579b9b12cf028d8cf9d8a45ba344f22

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 7KB