VirusShare-e20c54dea14c7c546ff7332d2b3efe97

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-e20c54dea14c7c546ff7332d2b3efe97
Size

412KB
MD5

e20c54dea14c7c546ff7332d2b3efe97
SHA1

218ea3903227dcd35f803172980ae36324b5f6cb
SHA256

e4212121d4798c5e66bcfb05ad68b49bba762e24ec8688c53fd73e55c61b74a8
SHA512

e41cf77226a220141116148b0544bdb4348e96a0bb33014a2b5a36f75367c3a8ced501cd5592965804a1c855d7e10c62a795ad949c7eb1f34bd31a80046256cb
SSDEEP

6144:Nj9XhbrHwRtvJtiaBG/xxOYa+bVRS1cBjZ2yRyq:NhxfWtiaBqbbntZHv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-e20c54dea14c7c546ff7332d2b3efe97

Files

VirusShare-e20c54dea14c7c546ff7332d2b3efe97
.dll regsvr32 windows:4 windows x86 arch:x86

71194b624c56cfa1653126ff11e2fd55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\2009 Codebase\EDC\HomePage\bin\release\CDWebVw.pdb

Imports

kernel32

FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
LockResource
LoadLibraryA
SetThreadLocale
GetThreadLocale
InterlockedExchange
GetVersionExA
GetTickCount
GlobalFree
GlobalHandle
WritePrivateProfileStringA
GetLocalTime
DeleteFileA
CloseHandle
GetFileSize
CreateFileA
GetFileAttributesA
OutputDebugStringA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
LoadLibraryW
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
WriteFile
ExitProcess
HeapCreate
GetCommandLineA
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetProcAddress
MultiByteToWideChar
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetLocaleInfoA
GetACP

user32

GetWindowLongA
SetWindowLongA
PostMessageA
CharNextA
SendMessageA
MessageBoxA
MapWindowPoints
GetClientRect
ScreenToClient
GetParent
GetClassInfoExA
LoadCursorA
GetKeyState
MoveWindow
CharUpperBuffA
KillTimer
SetTimer
DialogBoxIndirectParamA
SetDlgItemTextA
MapDialogRect
SetWindowContextHelpId
AdjustWindowRectEx
EndDialog
GetWindowRect
SystemParametersInfoA
UnregisterClassA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateAcceleratorTableA
DestroyAcceleratorTable
IsWindow
GetDesktopWindow
SetFocus
GetFocus
GetWindow
BeginPaint
EndPaint
CallWindowProcA
DestroyWindow
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ClientToScreen
SetWindowPos
GetSysColor
CreateWindowExA
RegisterClassExA
DefWindowProcA

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CoGetObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID

oleaut32

SysAllocStringLen
DispCallFunc
SysAllocStringByteLen
RegisterTypeLi
UnRegisterTypeLi
OleCreateFontIndirect
SysStringByteLen
LoadTypeLi
SysFreeString
VariantInit
VariantClear
VariantChangeType
SysAllocString
VarUI4FromStr
SysStringLen
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71194b624c56cfa1653126ff11e2fd55

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 28KB - Virtual size: 24KB

.reloc Size: 24KB - Virtual size: 21KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 28KB - Virtual size: 24KB

.reloc
Size: 24KB - Virtual size: 21KB

.text
Size: 112KB - Virtual size: 112KB