Static task: static1
Behavioral task: behavioral1
Sample: VirusShare_8212a906a22b7c4ac1207d43bae0ee71.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: VirusShare_8212a906a22b7c4ac1207d43bae0ee71.exe
Resource: win10v2004-20231215-en
General
Target: VirusShare_8212a906a22b7c4ac1207d43bae0ee71
Size: 283KB
MD5: 8212a906a22b7c4ac1207d43bae0ee71
SHA1: 50d1e4ef92c293ab41c747f270fa10dae3e2f055
SHA256: b6039d2d19af07359f62691cdd59a3ad04b8282f12c753162cddd305c799d81e
SHA512: 37feeced72d5d7fc1ad1bbbae0e1d15f70884b6dc653a599dbd3325cb7d3e6792a67d7e171bfbf90b30db6e18d8b046f3cf42100098fdb4051a8965744af3d4d
SSDEEP: 6144:iyKpPg7uHB8sHIlEdeOtUgqHHrt55f/APoLvRWihWJraOESE:/G18+2OSHH555QPWXhQrhPE
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: VirusShare_8212a906a22b7c4ac1207d43bae0ee71
Files
VirusShare_8212a906a22b7c4ac1207d43bae0ee71.exe windows:4 windows x86 arch:x86
590f09ca0a2c68be2d0601a32ad00c12
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetMenuItemInfoA
EqualRect
ChangeDisplaySettingsExA
SetScrollRange
SetUserObjectSecurity
kernel32
FillConsoleOutputCharacterW
DeleteFileW
msvcrt
_msize
advapi32
LsaEnumerateAccountRights
DecryptFileW
LookupAccountNameA
RegSetValueExW
StartServiceA
RegisterEventSourceW
QueryServiceStatus
RegOpenKeyExA
SetTokenInformation
RegOpenKeyExW
GetNamedSecurityInfoW
ObjectOpenAuditAlarmW
RegCloseKey
RegisterServiceCtrlHandlerW
OpenProcessToken
ObjectPrivilegeAuditAlarmA
GetSecurityDescriptorControl
OpenServiceA
OpenServiceW
GetLengthSid
ObjectCloseAuditAlarmA
SetPrivateObjectSecurity
CopySid
QueryServiceObjectSecurity
GetSecurityDescriptorDacl
RegisterEventSourceA
DuplicateTokenEx
CreatePrivateObjectSecurity
LsaNtStatusToWinError
QueryServiceLockStatusW
GetSecurityDescriptorGroup
EqualSid
AreAnyAccessesGranted
QueryServiceConfigA
GetSidSubAuthorityCount
RegNotifyChangeKeyValue
MakeSelfRelativeSD
LookupPrivilegeNameW
LookupSecurityDescriptorPartsW
GetExplicitEntriesFromAclW
RegQueryMultipleValuesW
CloseServiceHandle
LsaLookupNames
AccessCheck
OpenBackupEventLogA
RevertToSelf
GetExplicitEntriesFromAclA
LsaEnumerateTrustedDomains
IsTokenRestricted
GetAuditedPermissionsFromAclW
GetSidSubAuthority
SetSecurityDescriptorGroup
GetServiceKeyNameA
GetAclInformation
LogonUserW
AddAce
RegDeleteKeyA
GetSecurityDescriptorSacl
NotifyChangeEventLog
GetTokenInformation
CloseEventLog
ReadEventLogA
OpenEventLogA
LsaQueryTrustedDomainInfo
BackupEventLogA
GetKernelObjectSecurity
RegSetValueA
RegLoadKeyW
LookupPrivilegeDisplayNameW
RegQueryValueW
AbortSystemShutdownW
RegSetValueW
RegDeleteValueW
CreateServiceA
BuildTrusteeWithNameA
EnumDependentServicesW
LsaEnumerateAccountsWithUserRight
GetSecurityInfo
SetServiceStatus
RegReplaceKeyW
RegEnumValueW
SetSecurityInfo
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ