Static task: static1
Behavioral task: behavioral1
Sample: VirusShare_336b756b8a671a2972244ee95bf82f2b.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: VirusShare_336b756b8a671a2972244ee95bf82f2b.exe
Resource: win10v2004-20240508-en
General
Target: VirusShare_336b756b8a671a2972244ee95bf82f2b
Size: 272KB
MD5: 336b756b8a671a2972244ee95bf82f2b
SHA1: 965c1984b9926506915121ca1b81bbb3bf9cbe38
SHA256: a665fb218bbcdd25651f93c26bb6e4f181a7167c2f1806c167e2f28e6515d9de
SHA512: 2a9eaedaea8c40de780db0a43958c808b399bf9c9b4c71f4c57f453d2f85b891d2fe450d2b76d4194ecec251bdbb6348cf81c80934bd866006ace8f95fe4eb08
SSDEEP: 6144:NiYIEfWKQM4+2j459HdrxrguebMxup4gqcuvR+3fe:NpIFKN4+2jOdrSueY2k5m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare_336b756b8a671a2972244ee95bf82f2b
Files
VirusShare_336b756b8a671a2972244ee95bf82f2b.exe windows:4 windows x86 arch:x86
9563b20931943bf3f64584b13c319b67
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
ole32
OleIsCurrentClipboard
OleDuplicateData
OleUninitialize
OleCreateLinkFromData
OleBuildVersion
CoCreateInstance
BindMoniker
OleCreateLink
CoLockObjectExternal
CoIsOle1Class
SetConvertStg
HBITMAP_UserUnmarshal
CoUnmarshalInterface
CreateGenericComposite
CoDisconnectObject
STGMEDIUM_UserUnmarshal
OleDestroyMenuDescriptor
HPALETTE_UserSize
OleSaveToStream
StgOpenStorageEx
CoReleaseMarshalData
MonikerCommonPrefixWith
HWND_UserMarshal
CoAddRefServerProcess
CLSIDFromString
CLIPFORMAT_UserUnmarshal
OleGetIconOfFile
OleQueryCreateFromData
CoRegisterPSClsid
CoGetClassObject
OleSetAutoConvert
OleLoadFromStream
CoFreeLibrary
OleConvertOLESTREAMToIStorageEx
StgIsStorageILockBytes
StgIsStorageFile
CoMarshalInterface
StgCreateDocfileOnILockBytes
FreePropVariantArray
GetHGlobalFromILockBytes
OleSetContainedObject
CoIsHandlerConnected
mpr
WNetGetProviderNameW
WNetCloseEnum
WNetGetUniversalNameA
WNetAddConnection3A
WNetAddConnectionA
WNetConnectionDialog1A
WNetGetUserA
WNetGetUniversalNameW
WNetEnumResourceW
WNetOpenEnumA
WNetCancelConnectionW
WNetOpenEnumW
WNetEnumResourceA
WNetAddConnection3W
WNetCancelConnectionA
WNetGetLastErrorA
MultinetGetConnectionPerformanceA
WNetCancelConnection2A
WNetGetProviderNameA
WNetAddConnectionW
MultinetGetConnectionPerformanceW
WNetAddConnection2W
WNetGetUserW
WNetConnectionDialog1W
WNetGetNetworkInformationA
WNetUseConnectionA
advapi32
RegQueryMultipleValuesA
GetAce
IsTokenRestricted
RegConnectRegistryA
OpenProcessToken
LsaNtStatusToWinError
QueryServiceConfig2W
LockServiceDatabase
GetAuditedPermissionsFromAclW
AreAnyAccessesGranted
RegConnectRegistryW
EqualSid
BuildImpersonateTrusteeA
AdjustTokenPrivileges
DecryptFileW
RegOverridePredefKey
IsValidSid
MakeAbsoluteSD
GetTrusteeFormW
GetSecurityDescriptorOwner
CreateServiceA
GetNamedSecurityInfoA
LookupPrivilegeDisplayNameW
SetKernelObjectSecurity
GetExplicitEntriesFromAclA
LogonUserA
RegEnumKeyExW
EncryptFileW
GetSidIdentifierAuthority
LsaQueryInformationPolicy
ControlService
GetNumberOfEventLogRecords
LsaSetTrustedDomainInfoByName
LookupPrivilegeValueW
GetNamedSecurityInfoW
FindFirstFreeAce
StartServiceCtrlDispatcherW
RegCreateKeyW
GetTrusteeFormA
LsaClose
GetMultipleTrusteeW
LsaOpenPolicy
RegDeleteValueA
RegOpenKeyExA
LookupPrivilegeNameW
AccessCheck
LogonUserW
SetThreadToken
RegCreateKeyA
GetServiceKeyNameW
GetOldestEventLogRecord
RegQueryValueA
RegisterEventSourceW
LookupAccountNameW
LsaSetDomainInformationPolicy
LookupSecurityDescriptorPartsA
GetKernelObjectSecurity
RegQueryMultipleValuesW
RegOpenKeyExW
DeregisterEventSource
ImpersonateLoggedOnUser
RegCreateKeyExA
GetTrusteeTypeA
BuildExplicitAccessWithNameW
SetEntriesInAclA
GetSecurityDescriptorDacl
FreeSid
ObjectPrivilegeAuditAlarmA
SetServiceObjectSecurity
QueryServiceLockStatusW
GetMultipleTrusteeA
RegRestoreKeyW
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherA
GetServiceDisplayNameW
RegEnumKeyA
ChangeServiceConfigA
SetAclInformation
InitiateSystemShutdownW
LsaRetrievePrivateData
LsaEnumerateAccountsWithUserRight
RegNotifyChangeKeyValue
RegReplaceKeyW
GetEffectiveRightsFromAclA
RegSaveKeyA
RegCloseKey
GetSecurityInfo
StartServiceA
NotifyChangeEventLog
RegDeleteKeyW
RegDeleteValueW
LsaEnumerateTrustedDomainsEx
SetPrivateObjectSecurity
SetEntriesInAclW
GetLengthSid
RegCreateKeyExW
QueryServiceLockStatusA
OpenServiceA
RegSetValueW
AddAuditAccessAce
ObjectOpenAuditAlarmW
PrivilegedServiceAuditAlarmW
RegSetKeySecurity
SetSecurityDescriptorOwner
GetTrusteeNameW
ReadEventLogA
SetFileSecurityW
CreatePrivateObjectSecurity
AbortSystemShutdownW
RegUnLoadKeyW
DuplicateTokenEx
LsaAddAccountRights
BuildTrusteeWithSidA
QueryServiceObjectSecurity
ClearEventLogW
SetSecurityDescriptorSacl
ObjectDeleteAuditAlarmW
LsaFreeMemory
ChangeServiceConfig2A
SetFileSecurityA
RegUnLoadKeyA
RegQueryValueExW
GetFileSecurityA
GetSecurityDescriptorControl
GetSidSubAuthorityCount
BuildTrusteeWithNameA
ReportEventW
AllocateAndInitializeSid
LsaQueryTrustedDomainInfoByName
BuildImpersonateExplicitAccessWithNameW
LsaDeleteTrustedDomain
OpenBackupEventLogA
IsTextUnicode
RegEnumValueA
ObjectCloseAuditAlarmA
LookupPrivilegeNameA
MapGenericMask
AdjustTokenGroups
CloseServiceHandle
SetServiceStatus
GetTokenInformation
RegLoadKeyA
DuplicateToken
InitializeSecurityDescriptor
GetSecurityDescriptorLength
CreateProcessAsUserA
GetAuditedPermissionsFromAclA
LookupSecurityDescriptorPartsW
EncryptFileA
LookupPrivilegeDisplayNameA
InitiateSystemShutdownA
BackupEventLogW
GetFileSecurityW
IsValidAcl
OpenBackupEventLogW
SetNamedSecurityInfoW
GetSecurityDescriptorGroup
RegSetValueExW
LsaCreateTrustedDomainEx
ChangeServiceConfigW
LsaSetTrustedDomainInformation
EnumServicesStatusA
AllocateLocallyUniqueId
MakeSelfRelativeSD
SetSecurityInfo
RegOpenKeyA
CloseEventLog
LsaSetInformationPolicy
ReadEventLogW
BuildImpersonateTrusteeW
SetNamedSecurityInfoA
GetSidSubAuthority
GetPrivateObjectSecurity
SetSecurityDescriptorGroup
GetExplicitEntriesFromAclW
BuildTrusteeWithNameW
BackupEventLogA
AddAccessAllowedAce
OpenServiceW
LookupPrivilegeValueA
CreateRestrictedToken
RegSetValueA
RegEnumValueW
GetServiceKeyNameA
RegGetKeySecurity
SetSecurityDescriptorDacl
RegisterEventSourceA
QueryServiceConfigA
RegReplaceKeyA
AddAce
RegLoadKeyW
EqualPrefixSid
BuildSecurityDescriptorW
OpenSCManagerW
AddAccessDeniedAce
BuildImpersonateExplicitAccessWithNameA
QueryServiceStatus
CopySid
GetSecurityDescriptorSacl
RegSetValueExA
RegOpenKeyW
LsaEnumerateAccountRights
RegQueryValueW
RegQueryInfoKeyW
BuildExplicitAccessWithNameA
DeleteService
EnumDependentServicesW
LookupAccountNameA
SetTokenInformation
ReportEventA
AccessCheckAndAuditAlarmA
LsaEnumerateTrustedDomains
GetSidLengthRequired
RegDeleteKeyA
GetUserNameW
RegisterServiceCtrlHandlerA
RegQueryValueExA
RevertToSelf
comdlg32
GetFileTitleA
GetFileTitleW
comctl32
ImageList_SetDragCursorImage
ImageList_EndDrag
CreateToolbarEx
ImageList_SetIconSize
InitializeFlatSB
DestroyPropertySheetPage
FlatSB_EnableScrollBar
ImageList_GetIcon
ImageList_Create
ord14
ImageList_Duplicate
ImageList_Destroy
shell32
ShellExecuteW
SHQueryRecycleBinW
SHGetDataFromIDListW
shlwapi
PathStripPathA
PathIsURLW
StrDupW
SHRegOpenUSKeyA
SHRegWriteUSValueA
SHGetValueW
PathCanonicalizeW
PathMakeSystemFolderW
SHRegDeleteEmptyUSKeyW
PathIsSystemFolderW
PathStripToRootW
PathRenameExtensionA
PathParseIconLocationA
SHEnumKeyExW
PathCommonPrefixW
SHQueryValueExA
PathSkipRootW
StrCSpnIW
PathIsRootA
StrCpyW
PathFindNextComponentW
PathGetArgsW
SHRegCreateUSKeyW
PathRemoveArgsA
SHSetValueW
PathIsUNCW
StrDupA
PathMatchSpecA
PathBuildRootA
PathStripPathW
PathAddExtensionW
StrTrimA
StrPBrkA
SHRegSetUSValueA
StrNCatA
ChrCmpIW
PathRemoveBackslashA
SHQueryValueExW
PathCanonicalizeA
PathMakePrettyW
PathIsFileSpecW
PathCombineA
PathAppendA
PathIsURLA
PathIsPrefixW
PathFindExtensionA
SHRegEnumUSValueW
PathCompactPathW
PathFindFileNameW
PathSkipRootA
PathRelativePathToW
SHRegCreateUSKeyA
SHDeleteEmptyKeyA
StrCatW
StrFromTimeIntervalW
StrToIntW
PathAppendW
SHRegEnumUSKeyA
PathIsUNCServerW
PathFindFileNameA
PathBuildRootW
StrTrimW
SHRegGetBoolUSValueW
SHCreateShellPalette
StrCmpIW
PathSetDlgItemPathA
SHOpenRegStreamA
PathStripToRootA
PathIsUNCA
PathRelativePathToA
PathRemoveFileSpecA
PathIsDirectoryA
PathRemoveArgsW
PathSearchAndQualifyA
PathIsRootW
PathCompactPathA
PathMatchSpecW
PathCompactPathExW
SHRegSetUSValueW
PathRemoveBlanksW
SHRegGetUSValueW
PathGetArgsA
PathMakePrettyA
PathIsPrefixA
PathUnquoteSpacesW
PathFindNextComponentA
PathAddExtensionA
SHRegQueryInfoUSKeyA
PathUnmakeSystemFolderA
SHRegCloseUSKey
StrIsIntlEqualW
PathFindExtensionW
SHRegDeleteEmptyUSKeyA
PathCommonPrefixA
PathAddBackslashW
SHGetValueA
SHRegOpenUSKeyW
PathQuoteSpacesW
PathSearchAndQualifyW
PathRemoveExtensionW
StrCSpnA
StrToIntA
PathIsRelativeW
PathSetDlgItemPathW
PathGetDriveNumberW
PathUnquoteSpacesA
SHDeleteValueW
StrSpnA
PathIsUNCServerShareA
PathParseIconLocationW
SHEnumKeyExA
SHDeleteValueA
PathCombineW
StrFormatByteSizeA
SHRegEnumUSKeyW
PathGetDriveNumberA
StrNCatW
SHRegGetBoolUSValueA
PathIsRelativeA
PathRemoveFileSpecW
PathFindOnPathA
StrToIntExW
ChrCmpIA
StrCSpnIA
PathIsUNCServerA
SHQueryInfoKeyW
StrFormatByteSizeW
PathAddBackslashA
PathIsContentTypeW
SHRegGetUSValueA
PathRemoveBackslashW
user32
SwitchDesktop
ClientToScreen
GetWindowDC
DefMDIChildProcW
EnumDesktopsW
DispatchMessageW
NotifyWinEvent
LoadAcceleratorsA
RegisterClipboardFormatW
ChangeMenuA
WinHelpA
RedrawWindow
ToUnicodeEx
IsZoomed
GetClassNameA
GetDCEx
OpenInputDesktop
EndDialog
GetUserObjectSecurity
GetClassLongW
GetSysColorBrush
CreateWindowStationW
CharNextA
LoadAcceleratorsW
ScreenToClient
SetMenuContextHelpId
PostQuitMessage
GetActiveWindow
RegisterClassExA
SetDlgItemTextA
SetUserObjectInformationW
GetSysColor
DdeClientTransaction
DestroyCaret
GetClassInfoA
DlgDirSelectExA
MessageBeep
ActivateKeyboardLayout
SwapMouseButton
ChangeDisplaySettingsW
IntersectRect
MapVirtualKeyA
LoadBitmapW
GetClipCursor
AppendMenuW
GetClipboardFormatNameW
OpenIcon
LockWindowUpdate
SetScrollPos
WaitForInputIdle
EnumPropsExA
VkKeyScanW
OpenDesktopW
PackDDElParam
DefWindowProcW
GetCaretPos
DrawIcon
IsWindowEnabled
IsCharLowerA
DrawTextExA
TrackPopupMenuEx
SetScrollInfo
ToAscii
RegisterClassW
LoadMenuIndirectW
SendDlgItemMessageA
ScrollWindowEx
CharUpperA
VkKeyScanExW
VkKeyScanExA
AdjustWindowRectEx
GetMenuStringW
GetUpdateRect
UnregisterClassA
DeleteMenu
GetCaretBlinkTime
MessageBoxIndirectW
LoadImageW
GetClassInfoW
FillRect
SetDlgItemInt
CreateIconIndirect
GetWindowTextW
EqualRect
AdjustWindowRect
GetAsyncKeyState
GetMessageExtraInfo
ChildWindowFromPointEx
IsDlgButtonChecked
CopyImage
RegisterHotKey
UnpackDDElParam
GetWindow
GetNextDlgGroupItem
EnumDisplaySettingsA
SetUserObjectSecurity
MapDialogRect
ReplyMessage
CreateAcceleratorTableA
DefMDIChildProcA
CreateIconFromResourceEx
InvalidateRgn
DlgDirSelectComboBoxExW
DdeUninitialize
CharToOemW
GetDoubleClickTime
ScrollDC
DefWindowProcA
EnumWindowStationsW
MapWindowPoints
CharLowerW
SetKeyboardState
CreateDialogIndirectParamA
ArrangeIconicWindows
IsWindowVisible
GetMessagePos
DlgDirListComboBoxW
GetWindowModuleFileNameA
GetKeyboardLayoutNameA
SetMenuItemInfoW
CharUpperW
IsDialogMessageA
UnregisterClassW
OpenWindowStationW
CheckRadioButton
DdeDisconnectList
SetWindowLongA
PtInRect
TileWindows
ShowWindowAsync
DdeFreeDataHandle
DdeEnableCallback
DlgDirSelectComboBoxExA
GetWindowModuleFileNameW
GetLastActivePopup
GetForegroundWindow
DialogBoxIndirectParamA
DestroyWindow
DdeSetUserHandle
DrawEdge
GetDlgItemInt
SystemParametersInfoA
MapVirtualKeyExA
GetFocus
IsWindowUnicode
GetClassInfoExA
DrawStateW
DdeCmpStringHandles
GetDialogBaseUnits
ChildWindowFromPoint
EndDeferWindowPos
CreatePopupMenu
LoadMenuA
SetPropA
DdeAddData
GetCapture
GetWindowWord
DdeAccessData
CreateDialogIndirectParamW
CreateMDIWindowW
PeekMessageW
DialogBoxIndirectParamW
IsWindow
VkKeyScanA
UnhookWinEvent
DeferWindowPos
DdeQueryNextServer
ChangeDisplaySettingsExA
MoveWindow
OemKeyScan
AppendMenuA
DlgDirListComboBoxA
DdeGetLastError
MenuItemFromPoint
CloseClipboard
SetMessageQueue
WaitMessage
ShowOwnedPopups
InsertMenuA
OpenClipboard
GetClipboardData
ShowScrollBar
GetMenuItemInfoW
GetTopWindow
InsertMenuW
SetMenuItemBitmaps
CreateDesktopA
DefDlgProcW
PostThreadMessageA
SendMessageCallbackW
PaintDesktop
SendMessageTimeoutW
GetWindowTextA
CallMsgFilterA
IMPSetIMEA
DestroyMenu
SetLastErrorEx
GetWindowLongW
SetDlgItemTextW
FreeDDElParam
LoadIconW
AnyPopup
ImpersonateDdeClientWindow
LoadImageA
GetMenuCheckMarkDimensions
SetThreadDesktop
SetSysColors
DdeUnaccessData
DdeQueryStringA
ShowWindow
ShowCursor
CallWindowProcA
GetKeyNameTextA
GetMessageW
wvsprintfW
EnumDesktopWindows
ExcludeUpdateRgn
CharLowerBuffW
EnumDisplaySettingsW
DlgDirSelectExW
OemToCharA
DlgDirListA
SetCursor
GetMenuItemID
MapVirtualKeyW
DrawFocusRect
GetTabbedTextExtentA
SendMessageTimeoutA
WindowFromDC
TranslateAcceleratorA
winmm
waveOutGetErrorTextW
midiOutGetErrorTextA
mmioOpenA
mmioRead
waveOutGetPlaybackRate
mixerGetNumDevs
waveOutRestart
OpenDriver
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetGuideLineW
ImmGetCompositionStringW
ImmSetConversionStatus
ImmUnregisterWordA
ImmIsUIMessageA
ImmGetContext
ImmNotifyIME
ImmUnregisterWordW
ImmIsUIMessageW
ImmGetGuideLineA
ImmCreateContext
ImmGetOpenStatus
ImmGetDescriptionA
ImmIsIME
ImmEnumRegisterWordA
ImmGetConversionListW
ImmSetCompositionStringA
ImmConfigureIMEA
ImmSetCompositionStringW
ImmRegisterWordW
ImmGetCompositionFontW
ImmAssociateContext
ImmGetProperty
ImmSetCandidateWindow
ImmGetIMEFileNameW
ImmGetCompositionFontA
ImmGetCandidateListW
ImmGetCompositionWindow
ImmInstallIMEA
ImmGetCompositionStringA
ImmGetConversionStatus
ImmGetStatusWindowPos
ImmGetIMEFileNameA
ImmEscapeW
ImmEscapeA
ImmConfigureIMEW
ImmGetCandidateWindow
ImmDestroyContext
ImmRegisterWordA
ImmSetStatusWindowPos
ImmSetCompositionFontW
ImmSetCompositionFontA
ImmGetRegisterWordStyleW
msvcrt
_exit
exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
kernel32
HeapDestroy
AddAtomW
CreateFileMappingW
GetPrivateProfileStructW
FreeEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
FreeLibraryAndExitThread
Sections
.text Size: 216KB - Virtual size: 213KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 915KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ