VirusShare_ded87d05ac75210c26675ef424112cd6

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_ded87d05ac75210c26675ef424112cd6
Size

94KB
MD5

ded87d05ac75210c26675ef424112cd6
SHA1

ddb3536769e431ae095a2d594b9020d5e42d6cc7
SHA256

1f85eabf4ba5659972132c7a00512b54822feed504a72c87a1c5a8fa969d1b72
SHA512

1a1486357a09cbf1367e4ce01eac6911aafb3cbfa330cce402c3be597951a579474e431649c4980d42df7cc7f5b3bc5921a5542145e7be9e0214d73ff0dafd14
SSDEEP

1536:FJuVW1K9R9rtQd3b1o3fKooTOqPztRBgrkuDfQ5GBJ6dU8X:FKKgR9Od3b1o3fKooTOWrBgdDRoX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_ded87d05ac75210c26675ef424112cd6

Files

VirusShare_ded87d05ac75210c26675ef424112cd6
.dll windows:5 windows x86 arch:x86

00ee1ce0902026459824f06419450cff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddConsoleAliasA
BackupWrite
BuildCommDCBAndTimeoutsW
CallNamedPipeW
CancelTimerQueueTimer
ClearCommBreak
CommConfigDialogW
CompareStringW
CreateDirectoryW
CreateJobObjectW
CreateMailslotW
DnsHostnameToComputerNameW
EndUpdateResourceA
EnumCalendarInfoExA
EnumDateFormatsA
EnumResourceTypesA
EnumUILanguagesW
EraseTape
ExitThread
ExpandEnvironmentStringsA
FindFirstFileA
FreeResource
GetAtomNameA
GetBinaryTypeW
GetCommConfig
GetCommModemStatus
GetConsoleAliasExesLengthA
GetConsoleOutputCP
GetCurrentProcess
GetDefaultCommConfigA
GetDevicePowerState
GetDriveTypeA
GetEnvironmentVariableW
GetFileAttributesExW
GetFileTime
GetLargestConsoleWindowSize
GetMailslotInfo
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetPriorityClass
GetProfileIntW
GetProfileSectionW
GetProfileStringW
GetShortPathNameW
GetStartupInfoW
GetSystemDirectoryW
GetThreadPriorityBoost
LoadLibraryA
GetVersion
GetVersionExW
GlobalAlloc
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapUnlock
IsDBCSLeadByte
IsProcessorFeaturePresent
LoadResource
LocalAlloc
LocalUnlock
MapUserPhysicalPages
MoveFileExA
OpenFileMappingA
OpenWaitableTimerW
OutputDebugStringA
PeekConsoleInputW
ReadDirectoryChangesW
ReadFileEx
RequestDeviceWakeup
ResetWriteWatch
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SetConsoleCtrlHandler
SetCriticalSectionSpinCount
SetDefaultCommConfigW
SetFileApisToOEM
SetHandleInformation
SetLocaleInfoA
SetNamedPipeHandleState
SetProcessAffinityMask
SetThreadExecutionState
SetThreadPriorityBoost
SetVolumeMountPointW
TerminateThread
TransmitCommChar
VirtualAllocEx
VirtualLock
VirtualQueryEx
WaitForDebugEvent
_lwrite
lstrcatA
lstrcatW
lstrcmpi
lstrcpyW
GetProcAddress
ExitProcess
GetThreadTimes
VirtualAlloc

user32

PackDDElParam
PostMessageA
PostThreadMessageW
RealGetWindowClass
RedrawWindow
RegisterDeviceNotificationA
RegisterShellHookWindow
SetMenuItemInfoW
SetProcessDefaultLayout
SetRectEmpty
SetScrollPos
SetWinEventHook
SetWindowRgn
ShowWindowAsync
TabbedTextOutW
TileChildWindows
ToAsciiEx
TranslateAcceleratorA
VkKeyScanA
VkKeyScanExW
WINNLSGetIMEHotkey
WindowFromDC
wvsprintfA
OpenWindowStationA
OpenInputDesktop
OpenClipboard
NotifyWinEvent
MoveWindow
MonitorFromRect
MessageBoxW
MessageBoxA
MapVirtualKeyExW
LockWindowUpdate
LoadKeyboardLayoutA
LoadCursorA
KillTimer
IsCharAlphaNumericW
IntersectRect
InflateRect
InSendMessage
ImpersonateDdeClientWindow
IMPQueryIMEW
HiliteMenuItem
HideCaret
GetWindowTextW
GetWindowTextA
GetWindowLongA
GetUserObjectSecurity
GetUserObjectInformationW
GetSystemMetrics
GetSysColorBrush
GetShellWindow
GetScrollInfo
GetPropA
GetProcessDefaultLayout
GetMessageW
GetMenuItemInfoW
GetMenuItemID
GetKeyboardLayoutNameA
GetAsyncKeyState
FindWindowExW
FindWindowExA
EnumWindowStationsW
EnumDisplaySettingsExA
EnumDisplaySettingsA
EnumDesktopsA
EndMenu
DrawTextExW
DrawFrameControl
DragDetect
DestroyWindow
DeferWindowPos
DdeNameService
DdeInitializeW
DdeDisconnectList
CreateWindowStationW
CreateWindowExA
CreateIconIndirect
CreateDesktopA
CopyAcceleratorTableA
CloseWindowStation
CloseWindow
CharUpperA
CharToOemA
CharLowerA
ChangeDisplaySettingsW
ChangeDisplaySettingsExW
CascadeChildWindows
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout
GetDC
ReleaseDC
GetActiveWindow

gdi32

GetTextMetricsA
GetStockObject
SelectObject

shell32

WOWShellExecute
Shell_NotifyIconW
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteEx
ShellExecuteA
ShellAboutA
SHQueryRecycleBinW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
SHAppBarMessage
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHQueryRecycleBinA
SHFileOperationA
SHFormatDrive
SHGetDesktopFolder
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHIsFileAvailableOffline
SHLoadInProc
SHPathPrepareForWriteA
SHPathPrepareForWriteW

shlwapi

StrChrA
StrChrIA
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrA
StrRChrIA
StrRChrIW
StrRStrIW
StrStrA
StrStrIA
StrRChrW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00ee1ce0902026459824f06419450cff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 64B

.data3 Size: 82KB - Virtual size: 82KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 64B

.data3
Size: 82KB - Virtual size: 82KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB