VirusShare_495a843921422acf1f502859672bf61e

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_495a843921422acf1f502859672bf61e
Size

212KB
MD5

495a843921422acf1f502859672bf61e
SHA1

632b8b31f8f8757c78d033c6906c3a0634adee30
SHA256

cce20b7156920875062f39d75761fad6616cbe772b2e3c87f76c247453aff851
SHA512

e0f47cbfc199acf066533591eee07928a59ebb05aae58b11cdfc9fb5f60eb3b4ec61941de1b9359c35c4ef5a93f7b8cb03d480602de7c1050ace85e3031b5c74
SSDEEP

3072:x7J3ebxWf5AuuWPf0cKMTmUglrTIKVZ5sDm/G/d80nD/iwlawCcAkUOGDCyvwXa+:KcLNKMTglXfVTs6Gd80uslCVBzbwI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_495a843921422acf1f502859672bf61e

Files

VirusShare_495a843921422acf1f502859672bf61e
.exe windows:4 windows x86 arch:x86

55539d29cc3062fa260119e9a585d110

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveBackslashA
PathCombineA
PathIsDirectoryW
PathIsRelativeA
SHRegOpenUSKeyW
SHDeleteKeyA
PathIsRootW
PathStripToRootA

wininet

HttpOpenRequestA
FindFirstUrlCacheEntryExA
InternetGetCookieA
InternetAttemptConnect
InternetCanonicalizeUrlA
InternetOpenA
InternetQueryDataAvailable
InternetSetOptionA
InternetCombineUrlA
InternetQueryOptionA
HttpSendRequestExA
InternetSetOptionExA

user32

DdeFreeStringHandle
LoadAcceleratorsA
DdeConnect
CharLowerBuffW
DrawTextA
GetCursorPos
DefWindowProcW
IsCharAlphaW
DispatchMessageW
GetSystemMenu
MsgWaitForMultipleObjectsEx
GetClipboardFormatNameA
ScrollWindowEx
CreateCaret
TranslateMDISysAccel
UnhookWindowsHookEx
GetMessageA
OemToCharBuffA
ModifyMenuA
SetScrollRange
SetMenuItemBitmaps
CharLowerW
InflateRect
ClipCursor
BeginDeferWindowPos
ReleaseDC
LoadImageA
GetClassLongW
DrawIcon
EnableWindow
FillRect
DestroyMenu
DrawIconEx
GetKeyboardState

advapi32

RegNotifyChangeKeyValue
RegisterServiceCtrlHandlerA
QueryServiceStatus
OpenSCManagerW
OpenSCManagerA
StartServiceW
LsaAddAccountRights
RegRestoreKeyA
ReportEventA
RegDeleteValueA
EqualSid
RegisterEventSourceA
LsaRetrievePrivateData
SetServiceStatus
RegDeleteValueW
RegDeleteKeyA
OpenServiceA
ChangeServiceConfigW
RegSetValueW
RegSetValueA
CloseServiceHandle

kernel32

CopyLZFile
IsDBCSLeadByteEx
ExitThread

gdi32

DeleteDC
Rectangle
CreateBitmap
CreateRectRgnIndirect
GetTextFaceA
DPtoLP
CreateRectRgn
Polyline
SetROP2
CreateFontW
GetObjectA
SetViewportExtEx
IntersectClipRect
GetCharWidthA
UnrealizeObject
TextOutW
SelectPalette
SetWindowExtEx
SetBitmapDimensionEx
GetTextAlign
MoveToEx
SetBrushOrgEx
GdiFlush
GetTextCharset
SetDIBColorTable
SetWindowOrgEx
SetBkMode
CreatePolygonRgn
SetPixel
GetTextExtentPointW
GetMapMode
CreateCompatibleDC
CreateBitmapIndirect
GetTextCharsetInfo
CreateDIBSection
GetPaletteEntries
StretchDIBits
SetMapMode
GetDeviceCaps
CombineRgn
CreateHalftonePalette
GetROP2
TranslateCharsetInfo
CreateICA
GetTextExtentPoint32A
GetStockObject
StretchBlt
GetWindowExtEx
CreateDCA
EnumFontFamiliesExA
SetPolyFillMode
Polygon
SetEnhMetaFileBits
GetObjectType
SetPaletteEntries
ExtCreatePen
TextOutA
SetWinMetaFileBits
EnumFontFamiliesA
RealizePalette
GetRgnBox
BitBlt
SetViewportOrgEx
DeleteObject
GetWindowOrgEx
CreateFontIndirectW
FrameRgn
GetCurrentObject
GetNearestPaletteIndex
CreateFontA
SetDIBits
CreateDIBitmap
OffsetRgn
PatBlt
GetClipBox
CreatePenIndirect
GetNearestColor
CreateSolidBrush
CreatePen
GetSystemPaletteEntries
ExtTextOutA
LPtoDP
GetCurrentPositionEx
ExtTextOutW
GetObjectW
RestoreDC
LineTo
SetPixelV
GetDIBits
GetBkMode
EnumFontFamiliesExW
CreatePatternBrush
EnumFontsA
SetBkColor
SelectClipRgn
GetViewportExtEx
GetBitmapDimensionEx
CreateEllipticRgn
GetDIBColorTable
SetTextColor
GetTextMetricsA
ResizePalette
RoundRect
CreateHatchBrush
Escape
ExtCreateRegion
SelectObject
CreateRoundRectRgn
SetTextAlign
ExtEscape
CreateICW
CreateCompatibleBitmap

version

GetFileVersionInfoSizeW
GetFileVersionInfoA

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55539d29cc3062fa260119e9a585d110

Headers

File Characteristics

Imports

shlwapi

wininet

user32

advapi32

kernel32

gdi32

version

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 40KB - Virtual size: 165KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 40KB - Virtual size: 165KB

.rsrc
Size: 28KB - Virtual size: 26KB