VirusShare_0a147c2141282a0053f5774c85520b37

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_0a147c2141282a0053f5774c85520b37
Size

294KB
MD5

0a147c2141282a0053f5774c85520b37
SHA1

fedcf8a3703e2ada7c847bd0840c10fcb26b5b70
SHA256

fbec1aaa71eb97c3380529c39cf523ffdc93b8087333b707366e6583ad9cddc3
SHA512

9d038bb060269f983bf9046aa2a62e602d6cc7785b4462bb8abeaa62bca6ee8efbbd664d879ea3906b34f26ee02fa8ef9c751d6f67843b6d7b7885bdbf9440a4
SSDEEP

6144:FxCSStoOC0jbA3pCrIyekXWAnp3thxT/2K1RsVV0A/O:HStU0jU3pfQ5p3PR2K1Ru2AG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_0a147c2141282a0053f5774c85520b37

Files

VirusShare_0a147c2141282a0053f5774c85520b37
.exe windows:5 windows x86 arch:x86

ec24633b244fac180c55eeb433333aea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetUserDefaultLCID
LoadLibraryA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
WideCharToMultiByte
GetProcAddress
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
RtlUnwind
LoadLibraryW
IsProcessorFeaturePresent
HeapSize
GetProfileStringA
GetFileType
LocalAlloc
GetLastError
MulDiv
HeapCreate
HeapAlloc
InitAtomTable
GetCurrentThreadId
SetLastError
GetCurrentThread
GetCurrentProcess
SetHandleCount
InterlockedDecrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
MultiByteToWideChar
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
LCMapStringW

user32

RegisterClassA
EndPaint
PostQuitMessage
FillRect
DrawTextA
GetParent
LoadMenuA
CharNextA
GetClientRect
SetFocus
BeginPaint
GetDC
GetQueueStatus
GetCapture
IntersectRect
GetScrollInfo
InvalidateRect
GetDlgItem
SetWindowLongW
DefWindowProcA
GetSysColor
GetCursorPos
ShowWindow
IsWindow
PostMessageA
CreateWindowExW
ScrollWindowEx
SendMessageW
UpdateWindow
EnableWindow
SetScrollInfo
GetClipboardOwner

gdi32

SetTextColor
DeleteDC
CreateFontA
GetDeviceCaps
SetBkColor
CreateDCA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
Ellipse
GetStockObject
CreateSolidBrush
TextOutA
BitBlt

advapi32

LsaFreeMemory

ole32

CoTaskMemFree

comctl32

ord410
CreateToolbarEx

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 183KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec24633b244fac180c55eeb433333aea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

comctl32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 183KB - Virtual size: 226KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 183KB - Virtual size: 226KB

.rsrc
Size: 16KB - Virtual size: 16KB