VirusShare_bb592f367900819d66e689e1cf1f9880 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_bb592f367900819d66e689e1cf1f9880
Size

119KB
MD5

bb592f367900819d66e689e1cf1f9880
SHA1

5e32082cdc03925507b91b7c8d2e2331b2c55d3b
SHA256

d82135e1e867438f572cb66a2d90e77aa63950ee2cf0db5f216b115af363ae36
SHA512

2db8b19f184cc3ef11850dcac8f2958ab211f70bfd419a142e91e3b9404b7feed080b3db2095c9faf6b6b8c0f0c9826fb15cd941bcc9625db2c9dd303cbc35ff
SSDEEP

3072:kPhqyhtPClZeIkdMtxI1fyV8WdXNNDb9:kPhaDeIcRY6WddZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_bb592f367900819d66e689e1cf1f9880

Files

VirusShare_bb592f367900819d66e689e1cf1f9880
.dll windows:4 windows x86 arch:x86

7dcaa36823fad6afb226c5607caf18b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

bbtune.pdb

Imports

kernel32

IsSystemResumeAutomatic
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter

user32

CharNextA
MessageBoxA
wsprintfA

advapi32

RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegSetValueExA

msvcrt

memset
toupper

powrprof

GetPwrCapabilities

Exports

Exports

Wrch4

Sections

.data
Size: 512B - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ