VirusShare_4d28930eea98c99fa0e38f7ee96a2444

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_4d28930eea98c99fa0e38f7ee96a2444
Size

124KB
MD5

4d28930eea98c99fa0e38f7ee96a2444
SHA1

b50d9a9a8395ce485b13a649bf1382e0aad06882
SHA256

780533d8228b00d4382648143fece6cc670de668b04fa0546811e7453488d3cc
SHA512

ed3e5943b9f91376ee5f7e428e44f380f4d12872be07355a704043742008dc12915cbaebfcc88b1eac1f607038c3a1c69c1b39189455efde10fa5f886cd19e11
SSDEEP

3072:gxtQT7n+VUuTBfKL31tPt0KozlvbGdTnLxMve7NlZtB:2tQTWF1wOnWhMWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_4d28930eea98c99fa0e38f7ee96a2444

Files

VirusShare_4d28930eea98c99fa0e38f7ee96a2444
.exe windows:4 windows x86 arch:x86

f5c5d9def13323c78dcc3cb887f754d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
PathFileExistsA

kernel32

IsBadCodePtr
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
SetFileAttributesA
GetFileAttributesA
IsBadReadPtr
CopyFileA
GetSystemDirectoryA
GetTickCount
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
MoveFileA
SetCurrentDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
FindClose
lstrlenA
FindFirstFileA
OpenFileMappingA
WinExec
SetFileTime
GetFileTime
ExitProcess
GetModuleFileNameA
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryA
GetCurrentDirectoryA
WriteFile
WideCharToMultiByte
GetVolumeInformationA
GetDiskFreeSpaceA
lstrcmpA
lstrcpyA
GetSystemInfo
GetSystemTimeAsFileTime
VirtualProtect
OpenProcess
lstrlenW
VirtualAllocEx
WriteProcessMemory
GetModuleHandleA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
ReleaseMutex
GetLastError
SetEndOfFile
HeapSize
FindNextFileA
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetStdHandle
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
LoadLibraryA
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetLocaleInfoA

user32

wsprintfW
wsprintfA

advapi32

OpenProcessToken
AdjustTokenPrivileges
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDeriveKey
CryptDecrypt
CryptAcquireContextA
CryptReleaseContext
CryptDestroyKey
LookupPrivilegeValueA

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5c5d9def13323c78dcc3cb887f754d7

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 28KB - Virtual size: 25KB