VirusShare_c91b6dca7c71c4dbcbe0402f73330b8e

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_c91b6dca7c71c4dbcbe0402f73330b8e
Size

379KB
MD5

c91b6dca7c71c4dbcbe0402f73330b8e
SHA1

53a60b09679911306101f989a617eb31b779f7f5
SHA256

fc3d2b9a8fb5d0c2bbbfecb254fe185bef6c1fa79938717197e0e9941ccf0471
SHA512

9ce85cb227d3bef687f6cacdb54a83d3acf1c4dde5b0c760490aa4d29aec89ce7a3ea53db67d3c96428f29b1b5984dc41c6ae0514c297c45cfea86447915570f
SSDEEP

6144:7HT75keEd288MSJwc1xIDqv5KT0kY4MFpO9KS3zh5522:7Hn7G18MSJwcv5A0kYHpO0Uv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_c91b6dca7c71c4dbcbe0402f73330b8e

Files

VirusShare_c91b6dca7c71c4dbcbe0402f73330b8e
.exe windows:4 windows x86 arch:x86

210201282048e1d30a67be2de0ea309d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

c:\Must\A\Continuations.pdb

Imports

kernel32

FreeLibrary
GetLastError
HeapAlloc
GetEnvironmentStringsW
GetProcessHeap
HeapFree
DeviceIoControl
GlobalMemoryStatus
GetLocalTime
IsProcessorFeaturePresent
CreateEventA
GetCurrentThread
GetThreadPriority
SetThreadPriority
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
lstrcmpiW
GetTempPathA
SetLastError
GetTempFileNameA
Sleep
GetModuleFileNameA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
SetEnvironmentVariableA
MulDiv
DeleteCriticalSection
EnterCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
lstrlenA
GetDiskFreeSpaceA
lstrcpynW
GlobalUnlock
GlobalLock
MultiByteToWideChar
lstrcatW
LocalAlloc
lstrcpynA
lstrcmpW
GetSystemTimeAsFileTime
GetStartupInfoW
GetSystemTimes
GetSystemInfo
ExitThread

user32

GetWindowPlacement
IsIconic
DrawEdge
GrayStringW
TabbedTextOutW
InflateRect
CopyRect
GetSysColorBrush
UnregisterClassW
OemToCharBuffA
CharToOemBuffA
CharUpperW
IsCharAlphaW
CharNextW
CharNextA
OffsetRect
SwitchToThisWindow
FindWindowW
GetClassInfoW
RegisterClassW
DefWindowProcW
GetForegroundWindow
IsWindowVisible
GetMonitorInfoW
EnumChildWindows
GetAsyncKeyState
ExitWindowsEx
GetAncestor
DrawIcon
DrawFocusRect
GetWindowTextA
LoadStringA
UpdateWindow
LookupIconIdFromDirectory
CreateIconIndirect
PrivateExtractIconsW
GetSysColor
GetWindowThreadProcessId
RemovePropW
CopyIcon
EnumWindows
GetClassNameW
SetTimer
GetWindow
GetCursorPos
MonitorFromPoint
SetForegroundWindow
MonitorFromWindow
IsWindowEnabled
MapVirtualKeyW
SetFocus
DrawTextW
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
LoadIconW
GetKeyState
MapWindowPoints
SetWindowPos
GetShellWindow
IsCharUpperW
BeginPaint
GetClientRect
EndPaint
LoadImageW
SetWindowTextW
GetDlgItemTextW
GetSystemMetrics
CreateWindowExW
SetMenu
TrackPopupMenuEx
LockSetForegroundWindow
ShowCaret
HideCaret
SystemParametersInfoA
NotifyWinEvent
AdjustWindowRectEx
LoadCursorW
SetCursor
SetMenuDefaultItem
IsWindow
GetDlgItem
EnableWindow
GetDlgCtrlID
WinHelpW
SetDlgItemTextW
EnumDisplayDevicesW
wsprintfW
GetWindowLongW
SetWindowLongW
GetWindowTextW
GetWindowTextLengthW
LoadStringW
GetParent
CheckDlgButton
ShowWindow
MoveWindow
ScreenToClient
GetWindowRect
SetDlgItemTextA
IsDlgButtonChecked
SetPropW
GetDlgItemTextA
SetDlgItemInt
GetNextDlgTabItem
CheckRadioButton
LoadBitmapW
MonitorFromRect
AdjustWindowRect
SetRect
CloseDesktop
OpenInputDesktop
AllowSetForegroundWindow
GetWindowModuleFileNameA
IsChild
EqualRect

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteKeyA
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyW
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegEnumKeyExA

shell32

SHGetDesktopFolder
DragQueryFileW
SHChangeNotify

ole32

CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc

msvcrt

swscanf
wcsncpy
strtol
wcstok
qsort
atoi
wcscpy
wcslen
memmove
malloc
localtime
printf
fwrite
fread
ftell
fseek
exit
rand
time
rewind
asctime
fscanf
srand
fprintf
fclose
free

mscms

InstallColorProfileW
IsColorProfileValid
EnumColorProfilesW
UninstallColorProfileW

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

210201282048e1d30a67be2de0ea309d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

winspool.drv

advapi32

shell32

ole32

msvcrt

mscms

Sections

.text Size: 289KB - Virtual size: 289KB

.data Size: 89KB - Virtual size: 97KB

.text
Size: 289KB - Virtual size: 289KB

.data
Size: 89KB - Virtual size: 97KB