VirusShare_8fccfd01aaad31b8081228a376f6cf51

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_8fccfd01aaad31b8081228a376f6cf51
Size

174KB
MD5

8fccfd01aaad31b8081228a376f6cf51
SHA1

ed6b4326cacf9c8e593b77a5d50ea0b773ebf839
SHA256

4a7c7d60a4ae811e0c8e06c496a3c04246d2e23b96629951a58c25f641de88d5
SHA512

1897bb56657780657934908c0c600971b8842adc68441feecae3ebddc131c4f58fc7c7993cc607778c67697adf3f5026b78cbe9a74976eaf331804cb1cba7411
SSDEEP

3072:CO2ZYQ5fmwJCER7SEQiGa7hFqUpEeewvUEjRZKgoVDde5wbBFiQE0+:LBQMwJd7SGF+eeYUEjmRpc6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_8fccfd01aaad31b8081228a376f6cf51

Files

VirusShare_8fccfd01aaad31b8081228a376f6cf51
.exe windows:5 windows x86 arch:x86

02b057e43300b57242b4b415c280b6c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
HeapSetInformation
LocalFree
GetCommandLineA
FindResourceExA
lstrcatA
SetErrorMode
VirtualQuery
GetTempFileNameA
ResumeThread
GlobalLock
GetLastError
UnlockFile
QueryPerformanceFrequency
lstrcmpW
GetFileType
LoadResource
GetCurrentDirectoryA
LocalFileTimeToFileTime
FindResourceW
LocalAlloc
GetDriveTypeW
HeapSize
MapViewOfFile
WinExec
GetEnvironmentStringsW
GlobalAlloc
LocalLock
GetDriveTypeA
CreateProcessA
GetUserDefaultUILanguage
EnumResourceNamesA
LocalUnlock
GetFileTime
_lwrite
SetFileAttributesA
GetTimeZoneInformation
MulDiv
EnumResourceLanguagesA
CopyFileA
lstrcmpiA
FreeEnvironmentStringsW
GetFileAttributesA
GetSystemInfo
CreateFileA
GlobalFindAtomA
GetSystemDirectoryW
InterlockedDecrement
TlsFree
CompareStringA
GetNumberFormatA
CreateFileW
SetEvent
CreateThread
lstrcpynA
EnumResourceTypesA
GetStringTypeExA
GetACP
FreeLibrary
GetLocaleInfoA
HeapFree
TerminateProcess
RtlUnwind
LocalReAlloc
ExpandEnvironmentStringsA
GetTickCount
GetModuleHandleW
MultiByteToWideChar
CloseHandle
SetEndOfFile
FreeResource
Sleep
GlobalFree
lstrlenW
FileTimeToDosDateTime
FindClose
LoadLibraryA
GetLocalTime
GetCurrentProcess
DosDateTimeToFileTime
GlobalGetAtomNameA
GetStdHandle
GetOEMCP
CreateFileMappingA
FindFirstFileExA
_lcreat
InitializeCriticalSection
FlushFileBuffers
WideCharToMultiByte
ExitProcess
GetFileInformationByHandle
IsValidCodePage
GetPrivateProfileStringA
SetFilePointer
OpenFile
SetCurrentDirectoryA
ReplaceFileA
LoadLibraryW
_lread
RemoveDirectoryA
GetStringTypeW
SetThreadPriority
UnmapViewOfFile
GetTempPathA
GetStartupInfoW
CompareFileTime
GetVersionExA
LoadLibraryExA
GetFileSize
GetFileSizeEx
ConvertDefaultLocale
GlobalAddAtomA
GetCPInfo
TlsGetValue
HeapAlloc
GlobalReAlloc
WriteConsoleW
InterlockedExchange
IsDebuggerPresent
GetCurrentThread
GlobalHandle
FindNextFileA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentThreadId
WritePrivateProfileStringA
WriteFile
CreateDirectoryA
LockFile
UnhandledExceptionFilter
FindResourceExW
WaitForMultipleObjects
GetCurrentProcessId
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageA
QueryPerformanceCounter
LCMapStringW
ReadFile
GetVolumeInformationA
GetCurrentDirectoryW
GetSystemDirectoryA
DeleteFileA
SearchPathA
DeleteCriticalSection
GetFileAttributesExA
IsProcessorFeaturePresent
GetShortPathNameA
GetModuleHandleA
GetConsoleCP
GetFullPathNameA
ExitThread
lstrcpyA
HeapCreate
SetFileTime
SetEnvironmentVariableA
SetHandleCount
GetDiskFreeSpaceA
RaiseException
CompareStringW
SuspendThread
DuplicateHandle
HeapQueryInformation
GetConsoleMode
CreateEventA
TlsSetValue
GetEnvironmentVariableW
LoadLibraryExW
CancelWaitableTimer
VirtualProtectEx
OpenWaitableTimerA
OpenWaitableTimerW
AddAtomW
GetVersion
GlobalAddAtomW
AreFileApisANSI
InterlockedIncrement
GlobalSize
TlsAlloc
FindResourceA
lstrcmpA
SetLastError
EnterCriticalSection
GlobalUnlock
FindFirstFileA
LeaveCriticalSection
GetProfileIntA
GetThreadLocale
FindFirstChangeNotificationA
WaitForSingleObject
LockResource
_lclose
InitializeCriticalSectionAndSpinCount
GlobalDeleteAtom
GetProcessHeap
FindNextChangeNotification
SetPriorityClass
GlobalFlags
GetUserDefaultLangID
GetModuleFileNameW
VirtualProtect
SetUnhandledExceptionFilter
FindCloseChangeNotification
GetWindowsDirectoryA
HeapReAlloc
GetProcAddress
MoveFileA
GetPrivateProfileIntA
SetStdHandle
SizeofResource
GetSystemDefaultUILanguage
ResetEvent
lstrlenA

user32

SetForegroundWindow
LoadStringA
LoadIconA
CharUpperA
wsprintfW
GetForegroundWindow
IsWindowVisible
GetDesktopWindow

advapi32

EnumDependentServicesW
ReportEventW
RegisterServiceCtrlHandlerExW
SetNamedSecurityInfoW
RegOpenKeyExW
ControlService
DeleteService
DuplicateTokenEx
RegCreateKeyExW
RegQueryValueExW
StartServiceW
OpenServiceW
SetTokenInformation
RegCreateKeyW
OpenSCManagerW
RegSetValueExW
StartServiceCtrlDispatcherW
DeregisterEventSource
ChangeServiceConfigW
QueryServiceStatusEx
RevertToSelf
GetNamedSecurityInfoW
CloseServiceHandle
SetServiceStatus
OpenProcessToken
GetTokenInformation
BuildExplicitAccessWithNameW
RegisterEventSourceW
SetEntriesInAclW
RegCloseKey
CreateServiceW
RegEnumKeyW
RegOpenKeyW
CreateProcessAsUserW

shell32

SHGetMalloc
SHGetSpecialFolderPathW
SHEmptyRecycleBinW

ole32

CoInitialize

shlwapi

PathCombineW
PathFindFileNameW
PathQuoteSpacesW
StrStrIW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

version

VerQueryValueW

oledlg

ord8

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

psapi

GetModuleInformation
GetModuleFileNameExW

msvcrt

__set_app_type
exit
_CIsin
_except_handler3

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02b057e43300b57242b4b415c280b6c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

userenv

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 42KB - Virtual size: 134KB

.rsrc Size: 44KB - Virtual size: 44KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 42KB - Virtual size: 134KB

.rsrc
Size: 44KB - Virtual size: 44KB

.reloc
Size: 10KB - Virtual size: 10KB