VirusShare_dd896a17cfa2047f8f5145d0a33a4734

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_dd896a17cfa2047f8f5145d0a33a4734
Size

322KB
MD5

dd896a17cfa2047f8f5145d0a33a4734
SHA1

eb77dc1e4c49af5f723c636e4a893ff2458c0dfd
SHA256

04828c458931c818ccacb450951b8b4ff7aed87dec275d1f7b4f0f39f8ec9a7b
SHA512

4168b04def35655146da8cfdb687d4e26c70547ecc78acc211ac1e89c42d6ec0d0242a0c90bb98aa91deae6bbaef9360980ee67e3ee36ebf589cc2b34a11d0e7
SSDEEP

3072:/cELeQ/VLgg/wsYjkVK+mS5TTAGtA2rvtvAiRTMguD2grff15l85bms2gwheS3b3:/xL9/9gZsboS5PfJtkrl5mQNboC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_dd896a17cfa2047f8f5145d0a33a4734

Files

VirusShare_dd896a17cfa2047f8f5145d0a33a4734
.exe windows:5 windows x86 arch:x86

436bc3cf7374f579474e76ed5787d1f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
FindWindowExW
IsClipboardFormatAvailable
GetMenuItemID
GetClientRect
AppendMenuA
DispatchMessageA
GetDlgItemTextW
SendMessageW
OemToCharA
GetSubMenu
IsChild
GetKeyboardLayoutNameW
CreateIconFromResource
GetClassWord
MessageBoxW
PrintWindow
VkKeyScanW
ScrollWindow
DeferWindowPos
GetIconInfo
GetProcessWindowStation
CopyAcceleratorTableW
CopyImage

shell32

SHGetMalloc
SHGetFileInfoA

advapi32

RegCreateKeyW

gdi32

SetWindowExtEx
CreateFontIndirectA
GetROP2
MaskBlt
SetWindowOrgEx
SetDIBColorTable
GetCurrentObject
GetDeviceCaps
RemoveFontResourceExA
GdiGetBatchLimit
GetCharABCWidthsFloatA
DeleteObject
GetICMProfileA
LineTo
SetPixel
PlayMetaFile
RemoveFontMemResourceEx
DeleteMetaFile

kernel32

MultiByteToWideChar
SetEndOfFile
SetFilePointer
ReadFile
GetConsoleCP
SetStdHandle
IsValidCodePage
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetConsoleMode
VirtualFree
ReleaseMutex
TransmitCommChar
CreateMemoryResourceNotification
ClearCommError
GlobalWire
LocalShrink
GetNamedPipeHandleStateW
OpenProcess
PostQueuedCompletionStatus
GetProfileStringA
EncodePointer
DeviceIoControl
DuplicateHandle
GetExitCodeThread
OutputDebugStringA
FlushFileBuffers
GetVersionExA
GetCommandLineW
GetProcessHeap
GetSystemDirectoryA
HeapAlloc
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcessId
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
CloseHandle
GetFileType
CreateFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

436bc3cf7374f579474e76ed5787d1f4

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

kernel32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 24KB - Virtual size: 123KB

.rsrc Size: 223KB - Virtual size: 222KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 24KB - Virtual size: 123KB

.rsrc
Size: 223KB - Virtual size: 222KB