VirusShare_6f6d808dd70c0c55ea1fc2d14a94b8a0

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_6f6d808dd70c0c55ea1fc2d14a94b8a0
Size

180KB
MD5

6f6d808dd70c0c55ea1fc2d14a94b8a0
SHA1

aab657d852766ad86ee94e613a43aea91b3033ff
SHA256

d9e06ebb1673b7c84d2c02d95a8ae4db66f217a6195b63272f6c377fbfa525d9
SHA512

85f7dce971d7c2bcb01fc910649b0ce0b60dc4e22ddd1c5af07f8b1ea5a072d2205870948113fd71932b22242391dde2ab6504644f2805f6f78d8c7d8bd4c5ac
SSDEEP

3072:FcYcwTkIv2b+HqCoqVzxNh4cfigZr8Wa:F5JTkIv2iHc6zbhvsW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_6f6d808dd70c0c55ea1fc2d14a94b8a0

Files

VirusShare_6f6d808dd70c0c55ea1fc2d14a94b8a0
.dll windows:4 windows x86 arch:x86

8da15fd22ba9252cc4421d115e7ab968

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindAtomA
SetTimerQueueTimer
CreateHardLinkW
_lread
FindResourceA
GetUserDefaultUILanguage
AssignProcessToJobObject
CreateHardLinkA
CreateFileMappingW
GetNamedPipeHandleStateA
DeleteAtom
PostQueuedCompletionStatus
GlobalUnWire
SetInformationJobObject
FindClose
CreatePipe
MulDiv
UnmapViewOfFile
EnumSystemLanguageGroupsA
SetConsoleCtrlHandler
DuplicateHandle
FileTimeToDosDateTime
GetCurrencyFormatW
GetProfileSectionA
lstrcatA
GlobalAddAtomA
SetLastError
CreateTimerQueue
GlobalMemoryStatusEx
UnlockFile
AddAtomW
SetHandleCount
SetSystemPowerState
QueryDosDeviceW
FoldStringW
WriteConsoleInputA
_lopen
GetSystemTime
DeleteCriticalSection
OpenEventA
SetPriorityClass
DefineDosDeviceA
_hwrite
GetPrivateProfileSectionNamesA
GetThreadTimes
BackupWrite
GetFileInformationByHandle
MoveFileExA
LocalHandle
SetConsoleMode
ScrollConsoleScreenBufferA
LeaveCriticalSection
GetSystemWindowsDirectoryW
HeapUnlock
DeleteFileA
GetTempPathW
IsValidLanguageGroup
GetFileAttributesA
DeleteFileW
InitializeCriticalSection
CreateFileA
GetVolumeNameForVolumeMountPointW
ReadConsoleW
GlobalAlloc
GlobalFree
GetCPInfoExW
FindResourceA

winmm

waveInClose

ole32

SNB_UserFree
OleCreateEmbeddingHelper
HWND_UserMarshal
GetRunningObjectTable
HACCEL_UserMarshal
CoRegisterMallocSpy
RegisterDragDrop
StgConvertVariantToProperty
PropVariantCopy
FreePropVariantArray
CoGetTreatAsClass
CreateFileMoniker
CoQueryAuthenticationServices
IsAccelerator
CoTaskMemFree
CreateClassMoniker
MonikerRelativePathTo
PropStgNameToFmtId
HPALETTE_UserUnmarshal
CoGetObject
OleIsCurrentClipboard
GetClassFile
CoUnmarshalInterface
CoAllowSetForegroundWindow
CLIPFORMAT_UserSize
HWND_UserSize
HPALETTE_UserMarshal
CoRegisterPSClsid
BindMoniker
STGMEDIUM_UserMarshal
SNB_UserMarshal
CoMarshalInterface

shlwapi

StrCSpnA
StrCSpnW

advapi32

GetLengthSid

Exports

Exports

StartLion

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8da15fd22ba9252cc4421d115e7ab968

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

ole32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.tls Size: 68KB - Virtual size: 65KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 16KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.tls
Size: 68KB - Virtual size: 65KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 16KB