virussign[.]com_34855b9ab9b562dbdf76174326d17f60[.]vir

Sharing

Copy URL Twitter E-mail

General

Target

virussign.com_34855b9ab9b562dbdf76174326d17f60.vir
Size

64KB
MD5

34855b9ab9b562dbdf76174326d17f60
SHA1

46aae74c081a1181ec83abe247cde53997746aa2
SHA256

4acfe7c32c2dc81abb82258ac20a87c2dd76e095ccb1d91901c2531b5c87a3b5
SHA512

364ed387d01182e8d3ed7a400dc52412da90dfff18c925da32e7a12fc7bbd693537bfb32563af97b4a7256fdb9798a14c2105ed7543b7d7c98ea8b91466078b5
SSDEEP

768:O9pFIlZIbNwqE4fBjru9MOyAhU63E7NtKVxs+qLhQXY7QDtmcpJoj5VvpL/j/mbm:OfQ6bNw6tnAzELKVk3atTp83vpf/CLq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
virussign.com_34855b9ab9b562dbdf76174326d17f60.vir

Files

virussign.com_34855b9ab9b562dbdf76174326d17f60.vir
.exe windows:4 windows x86 arch:x86

76534d3357c907aeaa5f2c2b1336744f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EndUpdateResourceA
lstrlenA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
GetFileAttributesA
GetProcAddress
lstrcpynA
CreateThread
GetCurrentProcess
ResumeThread
SetThreadPriority
GetCurrentThread
EnumResourceNamesA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
WaitForSingleObject
ExitProcess
GetLastError
CreateMutexA
CopyFileA
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetOEMCP
FindResourceA
SizeofResource
LoadResource
LockResource
CreateFileA
WriteFile
CloseHandle
LoadLibraryA
CreateProcessA
Sleep
lstrcpyA
TerminateProcess
ExitThread
GetTickCount
GetSystemDirectoryA
lstrcatA
SetPriorityClass
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetVersionExA
HeapDestroy
HeapCreate
SetEnvironmentVariableA

user32

wsprintfA
PostMessageA
FindWindowA
FindWindowExA

advapi32

RegSetValueExA
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
RegOpenKeyA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ws2_32

setsockopt
sendto
inet_addr
WSAIoctl
socket
htons
connect
closesocket
recv
__WSAFDIsSet
select
gethostbyname
WSAStartup
send

shlwapi

StrChrA
StrToIntA
StrStrA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76534d3357c907aeaa5f2c2b1336744f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

shlwapi

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 8KB