VirusShare_6c50563c188e9b4d0ca2438a876afac0

General

Target

VirusShare_6c50563c188e9b4d0ca2438a876afac0
Size

352KB
MD5

6c50563c188e9b4d0ca2438a876afac0
SHA1

18981e55e242ad0db0a49cbe243953e1054c1652
SHA256

0d5bacfb3965661ec5e2b3f32f6b486af004603434943d5f36e2dae45cfc4aae
SHA512

c1f440415f7b1606245630918b942185b23a72b5c0477e5ec33fcaf88cb3463aec314f773426de6c4b6044681f3e2b0ba513ed7cec995ff85e32a5c56e31d2e0
SSDEEP

6144:gL8v517s2jHHZMIHr1u7qjMbBPNxVUM5mKRgZY9FYV7PcP8wg:08v5Fs2jZMSr1u7qSPBUM5mK2ZY9CV7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_6c50563c188e9b4d0ca2438a876afac0

Files

VirusShare_6c50563c188e9b4d0ca2438a876afac0
.exe windows:4 windows x86 arch:x86

bad941ed994c7c56c561d24a90ae9f3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
SizeofResource
GetThreadContext
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
LockResource
GetModuleHandleA
FindResourceW
FreeResource
VirtualFree
VirtualAlloc
FlushFileBuffers
CloseHandle
HeapValidate
IsBadReadPtr
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapReAlloc
HeapDestroy
HeapCreate
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
WriteFile
GetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
InitializeCriticalSection
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
WideCharToMultiByte
LoadLibraryW
RtlUnwind
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA

user32

MessageBoxW

ole32

CoCreateInstance
CoInitializeEx

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bad941ed994c7c56c561d24a90ae9f3d

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 184KB - Virtual size: 182KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 184KB - Virtual size: 182KB