VirusShare_9b6f5badb83d31acaa9701028cfaa160

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_9b6f5badb83d31acaa9701028cfaa160
Size

93KB
MD5

9b6f5badb83d31acaa9701028cfaa160
SHA1

999fa527aa65340ff2f714b52bcd571ccca34927
SHA256

f6ab0c7c7e899181b6af6243607b0566630266243f55c0c66fa984b753dfcc92
SHA512

ea2844e89b961b978b3b183bd9dcd0838f4791d567f6ca1e6e2048b11630ba319125371808cdf9d67dcb8b21fa6873075a59225170d45c3d75e0d12afa1560e1
SSDEEP

1536:f7dPE0Msj81riiEBSw33zG2U27dm06bMAAta2fQ4uEBhIWVKlYWnFdZqA:VE0Msj812l627A0dAAtaEQ4Z2lYWnFdZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_9b6f5badb83d31acaa9701028cfaa160

Files

VirusShare_9b6f5badb83d31acaa9701028cfaa160
.dll windows:5 windows x86 arch:x86

b189fb0f3ae78ecd7422274b1dc3e01b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetWindowsDirectoryW
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
LocalAlloc
GetModuleFileNameW
SetLastError
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
GetModuleHandleW
UnhandledExceptionFilter
WideCharToMultiByte
WriteFile
WritePrivateProfileSectionW
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenA
GetLocalTime
GetLastError
GetExitCodeProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
FreeLibrary
FormatMessageW
TerminateProcess
GetModuleHandleA
FileTimeToSystemTime
DeleteFileW
CreateFileW
CloseHandle
VirtualAllocEx
LocalFree
QueryPerformanceCounter

user32

LoadIconW
PeekMessageW
DestroyIcon
LoadIconA
LoadCursorA
wsprintfW
DispatchMessageW
MsgWaitForMultipleObjects

gdi32

GetStockObject

advapi32

FreeSid
DuplicateTokenEx
CreateProcessAsUserW
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyExW
GetTokenInformation
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegRestoreKeyW
RegSaveKeyW
EqualSid

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shlwapi

PathCanonicalizeW
StrStrIW

msvcrt

_cexit
wcstoul
wcslen
wcschr
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_controlfp
_except_handler3
_exit
_initterm
exit
free
malloc
towlower

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b189fb0f3ae78ecd7422274b1dc3e01b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

msvcrt

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 74KB - Virtual size: 74KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 1024B - Virtual size: 68KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 74KB - Virtual size: 74KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 1024B - Virtual size: 68KB