VirusShare_d79ad3c5292a297a5680fbb5fc27f3ff

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_d79ad3c5292a297a5680fbb5fc27f3ff
Size

525KB
MD5

d79ad3c5292a297a5680fbb5fc27f3ff
SHA1

5d860c382b96a4fb5c09cd9488475ed9630c2529
SHA256

92f96d0afb7e3d958bbda0de730b80e6e258a47f81a47199a2f44696fa7102c9
SHA512

3328e4dd7fed70907d39555b618af6dabb0dbecca7c83c4f22bff5f05c9c4889901f4ab52f4c875d1a098a510a38b1cd3609a29846bf92cc21e10348cbac0ec4
SSDEEP

12288:cUvLEL7cxu4G0SHwVw3GZ36M3ugN3hmN:cUvQLwjQjGYUukI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_d79ad3c5292a297a5680fbb5fc27f3ff

Files

VirusShare_d79ad3c5292a297a5680fbb5fc27f3ff
.exe windows:4 windows x86 arch:x86

729220d9d2ae0753cb076172f15c96e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListW
InternalExtractIconListW
ShellHookProc

user32

ChildWindowFromPoint
RegisterWindowMessageW
DrawFrameControl
EnumPropsW
RegisterClassExA
ShowCaret
DrawFocusRect
DlgDirListA
CopyIcon
CreateWindowExA
GetPropA
ReplyMessage
DdeGetData
MapVirtualKeyW
LoadCursorA
RegisterClassA
LoadAcceleratorsA
SetMenuItemBitmaps

kernel32

LoadLibraryExA
GetLocalTime
SetHandleCount
CloseHandle
GetVersion
GetTickCount
InterlockedDecrement
GetCurrentThread
FreeEnvironmentStringsA
GetFileType
GetStringTypeW
ExitProcess
InterlockedExchange
GetStartupInfoA
TerminateProcess
VirtualAlloc
GetOEMCP
SetCurrentDirectoryW
FlushFileBuffers
EnterCriticalSection
LoadLibraryA
GetCompressedFileSizeW
GetSystemTime
CreateMutexA
WriteFile
UnhandledExceptionFilter
SetEnvironmentVariableA
GetCurrentProcessId
CreateProcessA
GetCPInfo
GetCurrentThreadId
HeapReAlloc
MultiByteToWideChar
SetConsoleTitleA
WaitForMultipleObjectsEx
GetStringTypeA
SetLocaleInfoA
QueryPerformanceCounter
GetProcAddress
HeapDestroy
GetStdHandle
GetTimeZoneInformation
SetFilePointer
TlsFree
SetStdHandle
GetModuleFileNameA
OpenMutexA
GetEnvironmentStrings
VirtualQuery
HeapFree
TlsSetValue
LeaveCriticalSection
OpenWaitableTimerW
LCMapStringW
SetLastError
CompareStringW
InterlockedIncrement
WideCharToMultiByte
DeleteCriticalSection
FreeEnvironmentStringsW
IsBadWritePtr
GetEnvironmentStringsW
LocalUnlock
GetACP
HeapCreate
VirtualFree
GetCommandLineA
GetCurrentProcess
GetSystemTimeAsFileTime
LCMapStringA
GetProfileIntA
GetModuleHandleA
RtlUnwind
TlsAlloc
InitializeCriticalSection
GetLastError
CompareStringA
HeapAlloc
EnumSystemLocalesA
TlsGetValue
ReadFile

comctl32

InitCommonControlsEx

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 389KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

729220d9d2ae0753cb076172f15c96e4

Headers

File Characteristics

Imports

shell32

user32

kernel32

comctl32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 4KB - Virtual size: 23KB

.data Size: 389KB - Virtual size: 386KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 4KB - Virtual size: 23KB

.data
Size: 389KB - Virtual size: 386KB

.rsrc
Size: 10KB - Virtual size: 12KB