virussign[.]com_6d2c6b64410e1fbe1868a5b7abc52770[.]vir

Sharing

Copy URL Twitter E-mail

General

Target

virussign.com_6d2c6b64410e1fbe1868a5b7abc52770.vir
Size

128KB
MD5

6d2c6b64410e1fbe1868a5b7abc52770
SHA1

8d20aa75a3fce11f3612680942b23d99aa89f53a
SHA256

115f33d67255e501c25e7626e9052eea233f9509a294987a21a82b50140cf306
SHA512

c9725c113e171458eff576117638f2300e123f31905b4b34500980626bc41f6c73bd0d75824d4c8ddbd572763cca765961936c9e92d551daef00ecec39490620
SSDEEP

1536:iTgPLDONsyKG+U41D9WhbT6/X4/rF/0eG460ihRK1NvqtsrASSQslfq:ikTDi7QD9z/4x/0e80i+wsEysl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
virussign.com_6d2c6b64410e1fbe1868a5b7abc52770.vir

Files

virussign.com_6d2c6b64410e1fbe1868a5b7abc52770.vir
.exe windows:4 windows x86 arch:x86

20c3d451c8fb0a32724a972e6cb11321

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

kernel32

WriteFile
SetEndOfFile
FlushFileBuffers
SetFilePointer
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
ReadFile
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetPriorityClass
SetPriorityClass
GetVersionExA
GlobalMemoryStatus
CreateProcessA
CloseHandle
WaitForSingleObject
GetWindowsDirectoryA
Sleep
WinExec
FreeLibrary
LoadLibraryA
CreateFileA
GetCPInfo
SetErrorMode
GetOEMCP
GetProcessVersion
WritePrivateProfileStringA
TlsGetValue
GlobalFlags
lstrcpynA
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
MulDiv
InitializeCriticalSection
LocalAlloc
lstrcatA
SetLastError
GetVersion
UnhandledExceptionFilter
GlobalFindAtomA
GetProcAddress
GlobalGetAtomNameA
GlobalAddAtomA
GlobalUnlock
lstrcpyA
GetModuleHandleA
FindResourceA
GlobalFree
LockResource
InterlockedDecrement
LoadResource
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrlenA
GetModuleFileNameA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
GetCurrentThread
lstrcmpA
lstrcmpiA
GetCurrentThreadId
LocalFree
GetLastError
GetDiskFreeSpaceExA
GetLogicalDrives
GetDriveTypeA
FreeEnvironmentStringsA
GetCurrentProcess
FreeEnvironmentStringsW

user32

AdjustWindowRectEx
CopyRect
SetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
GetSysColor
IsDialogMessageA
ShowWindow
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
SetWindowTextA
GetSysColorBrush
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetTopWindow
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
LoadStringA
GetClassInfoA
wsprintfA
GetMenuItemID
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
MessageBoxA
GetDlgItem
DestroyWindow
GetWindowRect
UnregisterClassA

gdi32

CreateBitmap
SetTextColor
SetBkColor
GetClipBox
DeleteDC
GetObjectA
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA

comctl32

ord17

winmm

timeGetTime

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20c3d451c8fb0a32724a972e6cb11321

Headers

File Characteristics

Imports

shfolder

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

winmm

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 12KB - Virtual size: 10KB