VirusShare_07df34849085e6fe19ff0813cc9cfd00

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_07df34849085e6fe19ff0813cc9cfd00
Size

289KB
MD5

07df34849085e6fe19ff0813cc9cfd00
SHA1

fd1ba82fdb4179a48c055625c35d0140195e63ef
SHA256

4f8fe742f045294a21e266d6ac8ef1cd1bc7e57ca5460e4ede22e2727c413d31
SHA512

c97347ae6c666b412a05047b2c6b39aaa668233fe4b85a3db71cd04565ae77822fa204d1e9e7c800aa147016eb3182eb1c8f5f7f12f21c26a9f420d6450f75b2
SSDEEP

6144:Tz5X72QlgynEsKfanPoIAdhRSbGqgSbGqnSbGqMy:Tz5XSQ3oyP1AdhRS6SVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_07df34849085e6fe19ff0813cc9cfd00

Files

VirusShare_07df34849085e6fe19ff0813cc9cfd00
.exe windows:5 windows x86 arch:x86

4de3ba5e4c79b0aca2a59583ac1c702b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CreateDirectoryW
CreateFileW
CreateProcessW
DeleteAtom
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
ExpandEnvironmentStringsW
FindAtomW
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FlushInstructionCache
FormatMessageW
FreeLibrary
GetAtomNameW
GetCommandLineW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesW
GetFileSize
GetFileTime
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
CloseHandle
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
SetCurrentDirectoryW
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WriteFile
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
AddAtomW
VirtualAlloc
GlobalLock
GetDriveTypeA

user32

LoadIconA
LoadCursorA
GetSystemMetrics
LoadIconW

gdi32

GetStockObject

advapi32

RegOpenKeyExW

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4de3ba5e4c79b0aca2a59583ac1c702b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.text3 Size: 182KB - Virtual size: 181KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 94KB - Virtual size: 94KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.text3
Size: 182KB - Virtual size: 181KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 94KB - Virtual size: 94KB

.reloc
Size: 1KB - Virtual size: 1KB