VirusShare-30303111bf8261947fc9501067b415eb

General

Target

VirusShare-30303111bf8261947fc9501067b415eb
Size

115KB
MD5

30303111bf8261947fc9501067b415eb
SHA1

5370cd42d0b1b38a251ee9a47eeffd8108caa29c
SHA256

2ba88b70fbe4f9208b8ae792081fb8539e8d431919002a48768c01704ee9e708
SHA512

7368b8266b4c42ffd3ac224fc54a111c8b516f49a8d5cfc6c8a75649a2ca5240c6d08ba74128bc29b30d066a7a233bc8aae04ac15ecced8d56fdbfd720be0934
SSDEEP

3072:iSLR9KWSN36TXvJ8e8Emp06DI65svuOyQ:rLRsuTfJRZC5svuO5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-30303111bf8261947fc9501067b415eb

Files

VirusShare-30303111bf8261947fc9501067b415eb
.exe windows:4 windows x86 arch:x86

78543a00cfbd3c8c8a331aad80b5d4cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oracore10

lstlo
lstcap

orauts

WriteFile
CreateNamedPipeA
ConnectNamedPipe
CreateProcessA
CreateThread
CloseHandle
Sleep
GetLastError
ReadFile
WaitForMultipleObjects

kernel32

LocalFree
FormatMessageA
ResetEvent
CreateEventA
SetConsoleCtrlHandler
DisconnectNamedPipe
FlushFileBuffers
GetExitCodeProcess
GetModuleFileNameA
SetEvent

advapi32

CreateServiceA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CloseServiceHandle
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

user32

WaitForInputIdle

msvcrt

__p___initenv
_XcptFilter
_initterm
__setusermatherr
_adjust_fdiv
_onexit
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
__getmainargs
_exit
malloc
printf
strncpy
exit
_stricmp
sprintf
free

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78543a00cfbd3c8c8a331aad80b5d4cd

Headers

File Characteristics

Imports

oracore10

orauts

kernel32

advapi32

user32

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 68KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 68KB