VirusShare_814c980f50499526d9c7a9c2a29a6e00

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_814c980f50499526d9c7a9c2a29a6e00
Size

180KB
MD5

814c980f50499526d9c7a9c2a29a6e00
SHA1

67ad7156af2d4347c8d0bf8d16c6dcfd601dbe3c
SHA256

61288ef50a08a6c989aef5d421aba252776cbc8fc7b0d9d56bf3e0ad53c8f915
SHA512

6ae9904761ce902c38e2298ffb0d691bac53028ee7872d772a87e2f3dce844cc8802cfce82b72f13bc1dc8e1ced81e7a23c0491ffac7e9d3e5db66f226e0dd77
SSDEEP

3072:C14uFIfGjlOuQMqMEJVgsTvdk3ajCGc0Wizigc:3uFIfGjlOuQMYVg33aFWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_814c980f50499526d9c7a9c2a29a6e00

Files

VirusShare_814c980f50499526d9c7a9c2a29a6e00
.dll windows:4 windows x86 arch:x86

d6df7a28557624ba83f9e97fad862cb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\To\The\You\Device.pdb

Imports

kernel32

GetModuleHandleW
SetCriticalSectionSpinCount
VirtualAlloc
MapViewOfFileEx
PostQueuedCompletionStatus
SetLastError
WaitForSingleObject
SetThreadPriorityBoost
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnmapViewOfFile
LoadLibraryA
LocalAlloc
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
CancelIo
GetOverlappedResult
GlobalFree
WaitForSingleObjectEx
lstrcatA
FileTimeToSystemTime
GetComputerNameA
TransactNamedPipe
SetNamedPipeHandleState
WaitNamedPipeW
FlushFileBuffers
lstrcmpiA
ConnectNamedPipe
CreateNamedPipeW
GetQueuedCompletionStatus
CreateIoCompletionPort
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetSystemDirectoryW
lstrlenW
VirtualProtect
GetSystemInfo
TlsSetValue
TlsAlloc
TlsGetValue
VirtualFree
IsBadWritePtr
WideCharToMultiByte
GetModuleFileNameA
GetComputerNameExW
GetSystemTimeAsFileTime
lstrcpyA
lstrcmpW
InterlockedExchangeAdd
LocalFree
GlobalMemoryStatusEx
QueueUserAPC
DuplicateHandle
CreateThread
SetUnhandledExceptionFilter
RaiseException
CreateEventW
HeapAlloc
HeapFree
GetCommandLineW
CreateFileW
WriteFile
GetCurrentProcessId
ResetEvent
CompareStringW
InterlockedExchange
GetCurrentThreadId
Sleep
lstrlenA
InterlockedCompareExchange
SetEvent
InterlockedDecrement
InterlockedIncrement
FormatMessageW
FormatMessageA
GetCurrentThread
GetCurrentProcess
CloseHandle
GetTickCount
GetComputerNameW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
GetProcessHeap
DisconnectNamedPipe
HeapReAlloc
GetStartupInfoA
GetCurrentDirectoryA
SetHandleInformation
ExitThread

advapi32

OpenProcessToken
RevertToSelf
OpenThreadToken
LookupAccountSidW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegQueryInfoKeyA
RegEnumValueA
RegEnumValueW
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorControl
IsValidSecurityDescriptor
CredIsMarshaledCredentialW
CredUnmarshalCredentialW
CopySid
GetLengthSid
LookupAccountNameW
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
EqualSid
IsValidSid
CloseServiceHandle
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyW
ImpersonateNamedPipeClient
GetTokenInformation
SetThreadToken

msvcrt

toupper

secur32

GetUserNameExW

Exports

Exports

AssignToBeing
AuthenticatedServerOrBeOr
CALsThe
DeviceYour
InstancesCALs

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 822B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6df7a28557624ba83f9e97fad862cb4

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

msvcrt

secur32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 48KB - Virtual size: 112KB

.rsrc Size: 68KB - Virtual size: 64KB

.reloc Size: 4KB - Virtual size: 822B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 48KB - Virtual size: 112KB

.rsrc
Size: 68KB - Virtual size: 64KB

.reloc
Size: 4KB - Virtual size: 822B