VirusShare-0181bdd4ffd2573366f82197c7cf77df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-0181bdd4ffd2573366f82197c7cf77df
Size

11KB
MD5

0181bdd4ffd2573366f82197c7cf77df
SHA1

a598ff469a557ca881f0eb0033759d43741cf40d
SHA256

0efa22f46e495a212d7216a5387f2dccac2563452472b467ec1fa65f115b3dcd
SHA512

1493f36c78716c19d3df2fd64c119d88b1a5d68ea02a6fb29f8a8dfb231a854c153f3a7056d0698710d6d3b7fe47b5a3de4a04fcafcc78ac80cdf34ed5cde5e0
SSDEEP

48:Cz2pLbFaiuX89C+/a/NFPJ4ADeGfqHoFpO1fSQrNe8ar2sVByYMn/HX1Ivv4shal:iQqvFCkeKyxardVMY031a4x9/lA4NV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-0181bdd4ffd2573366f82197c7cf77df

Files

VirusShare-0181bdd4ffd2573366f82197c7cf77df
.dll windows:4 windows x86 arch:x86

f41c8f53e38aeb0207a8f35772ff684f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_adjust_fdiv
free
strstr
_strtime
_strdate
strncpy
_strupr
malloc

kernel32

CloseHandle
CreateFileA
WriteFile
lstrlenA
SetFilePointer

user32

FindWindowExA
wsprintfA
CallNextHookEx
ToAscii
GetClassNameA
SendMessageA
GetKeyboardState
GetForegroundWindow
GetWindowTextA
SetWindowsHookExA
GetWindow
UnhookWindowsHookEx

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA

Exports

Exports

_HookApps@12
_SetFilt@4

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cxShared
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ