VirusShare_0d2bcf8a2d4c4ced43d5b6efe39aa712

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_0d2bcf8a2d4c4ced43d5b6efe39aa712
Size

244KB
MD5

0d2bcf8a2d4c4ced43d5b6efe39aa712
SHA1

9718396a27ec090f5392e8e91a8c71f05623b74a
SHA256

34788994f4d7dd30f644796a869f0db7e3779999d25395b836153d108dc8a47d
SHA512

80441936f51f48c9e3784d7359ede589ee9b50dca4df2d31a0606c7b455adfa4d9a2d711e836eb1895ecbe16bfd3c99f5cf3f63501a6133fb5fa792a5985af57
SSDEEP

3072:wOSOrEj8LBctSm0mQec772UgH4juLAGg7oH/1XGQLChHVX0kUa:zSQEjoBTtecn4H4AE4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
VirusShare_0d2bcf8a2d4c4ced43d5b6efe39aa712

Files

VirusShare_0d2bcf8a2d4c4ced43d5b6efe39aa712
.exe windows:5 windows x86 arch:x86

341f687ed9758a0d34bd1c43c605d717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionW
GetCPInfo
TlsAlloc
VirtualAlloc
RaiseException
MulDiv
SizeofResource
VirtualFree
GetFileSize
GetPrivateProfileIntW
GetOEMCP
GetDateFormatA
EnumResourceLanguagesW
GlobalAlloc
GetDateFormatW
GetVolumeInformationW
GetCurrentProcessId
SetEnvironmentVariableA
GetPrivateProfileStringW
GlobalFlags
HeapAlloc
CopyFileW
GetDriveTypeW
ExpandEnvironmentStringsW
GetModuleFileNameW
GetLocaleInfoA
lstrcatW
IsBadWritePtr
InitializeCriticalSection
QueryPerformanceFrequency
FindNextFileW
FreeEnvironmentStringsA
DeleteCriticalSection
SetStdHandle
FreeEnvironmentStringsW
LocalReAlloc
GetTempPathW
ExitProcess
WritePrivateProfileStringW
GetCurrentProcess
GetStringTypeW
GetVersion
LCMapStringA
RtlUnwind
QueryPerformanceCounter
FindFirstFileW
lstrcmpW
GetLocalTime
TlsGetValue
FormatMessageW
GetFullPathNameW
HeapDestroy
CreateFileW
GetEnvironmentStrings
GetACP
IsBadCodePtr
IsValidCodePage
GetThreadLocale
GetStartupInfoW
ReadFile
SetUnhandledExceptionFilter
GetCurrentThread
WaitForMultipleObjects
LockResource
GetTickCount
LockFile
FindClose
GetTimeFormatW
LocalAlloc
GetLocaleInfoW
HeapSize
GetCurrentThreadId
CreateProcessW
HeapReAlloc
VirtualProtect
CreateDirectoryW
GetVersionExA
DeleteFileW
DuplicateHandle
HeapCreate
LCMapStringW
SetHandleCount
FileTimeToSystemTime
LoadResource
TlsFree
WriteFile
GetEnvironmentStringsW
TerminateProcess
GlobalFree
IsBadReadPtr
GetSystemTimeAsFileTime
LoadLibraryW
GlobalFindAtomW
GetFileType
CompareStringA
MapViewOfFile
FileTimeToLocalFileTime
CancelWaitableTimer
GetProcessHeap
ActivateActCtx
GetEnvironmentVariableA
OpenWaitableTimerA
OpenWaitableTimerW
AddAtomA
CancelIo
lstrcmpA
InterlockedDecrement
SetEndOfFile
GlobalHandle
lstrcpyW
GlobalDeleteAtom
UnhandledExceptionFilter
GetStringTypeA
GetCommandLineA
GetUserDefaultLCID
CreateWaitableTimerW
GetModuleHandleW
TlsSetValue
SetFileAttributesW
LeaveCriticalSection
SetFilePointer
InterlockedIncrement
InterlockedExchange
EnterCriticalSection
GetTimeZoneInformation
CompareStringW
UnmapViewOfFile
UnlockFile
GetStdHandle
GetFileTime
GetVersionExW
lstrcpynW
GetFileAttributesW
FlushFileBuffers
GetSystemInfo
GetTimeFormatA
SetWaitableTimer
SetErrorMode
HeapFree
CloseHandle
GetFileAttributesA
GetStartupInfoA
MultiByteToWideChar
SetLastError
LocalFree
lstrcpyA
lstrcpynA
GetLastError
LoadLibraryA
CreateMutexA
GetModuleFileNameA
GetProcAddress
lstrlenW
GetFullPathNameA
GetModuleHandleA
FreeLibrary
WideCharToMultiByte
AreFileApisANSI
VirtualQuery
lstrlenA

user32

CreateDialogIndirectParamW
GetWindowPlacement
PostMessageW
ValidateRect
EqualRect
GetNextDlgTabItem
RegisterClassW
RemovePropW
GetWindowDC
GetClassInfoExW
CheckMenuItem
CopyRect
CallWindowProcW
InvalidateRgn
GetAsyncKeyState
GetClassNameW
GetKeyState
SystemParametersInfoA
GetMessagePos
PeekMessageW
ClientToScreen
DrawTextExW
SetFocus
EndDialog
GetTopWindow
WinHelpW
IntersectRect
IsWindowVisible
IsWindowUnicode
wsprintfW
CharLowerW
GetClassInfoW
SendDlgItemMessageW
SetWindowTextW
GetWindowTextLengthW
GetActiveWindow
SetCursor
IsWindowEnabled
RegisterWindowMessageW
GetPropW
SetWindowLongW
SetWindowPos
EndPaint
UnregisterClassW
SetWindowContextHelpId
SetDlgItemTextW
GetNextDlgGroupItem
TranslateMessage
GetWindowTextW
GetSysColorBrush
BeginPaint
TabbedTextOutW
MapDialogRect
GetClassLongW
SetActiveWindow
GetMenuCheckMarkDimensions
MapWindowPoints
WindowFromPoint
DispatchMessageW
SendDlgItemMessageA
InvalidateRect
DrawTextW
ScreenToClient
SetPropW
GetDesktopWindow
GrayStringA
OffsetRect
SetRect
GetWindowRect
EnableWindow
IsZoomed
PtInRect
DrawTextA
TabbedTextOutA
GetCapture
GetMenuState
PostQuitMessage
GetMessageTime
IsDialogMessageW
SetMenuItemBitmaps
GetWindowLongW
GetFocus
GetForegroundWindow
AdjustWindowRectEx
GetWindow
ReleaseCapture
FillRect
GetParent
GetSystemMenu
GetDlgCtrlID
GetSystemMetrics
SetCapture
UpdateWindow
SetForegroundWindow
GetWindowTextA
SetWindowTextA
EnumChildWindows
CreateWindowExW
IsRectEmpty
IsChild
MessageBoxW
GetDlgItemTextW
GrayStringW
DefWindowProcA
IsWindow
SendMessageA

gdi32

GetObjectW
CreateDIBSection
DeleteDC
TextOutW
CreateCompatibleDC
SetBkColor
CreateBitmap
CreateRectRgnIndirect
GetTextExtentPoint32W
ExtTextOutW
SetDIBColorTable
SetMapMode
GetDeviceCaps
DeleteObject
RestoreDC
GetViewportExtEx
GetStockObject
GetWindowExtEx
SaveDC
TextOutA
PtVisible
CreatePalette
PtInRegion
CreatePolygonRgn
LPtoDP
RectVisible
GetTextColor
SetPixel
CombineRgn
CreateRectRgn
BitBlt
CreateFontIndirectA
GetClipBox
Polyline
GetObjectA
SetRectRgn
DPtoLP

comdlg32

GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW

shell32

SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
SHBindToParent
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteA
SHGetFolderLocation
SHFileOperationW

comctl32

ImageList_Destroy
PropertySheetW
ImageList_ReplaceIcon
ord17
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Create
CreatePropertySheetPageW
_TrackMouseEvent
InitCommonControlsEx
DestroyPropertySheetPage

shlwapi

PathStripToRootW
StrRetToBufW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

mpr

WNetCancelConnectionW
WNetAddConnection2W

oledlg

OleUIBusyW

gdiplus

GdiplusStartup
GdipGetImagePaletteSize
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipBitmapUnlockBits
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImagePalette
GdipCloneImage
GdipFree
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdiplusShutdown
GdipAlloc
GdipDeleteGraphics

msvcrt

__CxxFrameHandler
_except_handler3
_mbscmp
_exit
exit
_strdup
_adjust_fdiv
__set_app_type
_mbsicmp
_onexit
_XcptFilter
__p__fmode
_setmbcp
_initterm
?terminate@@YAXXZ
_vsnprintf
__dllonexit
_controlfp
_splitpath
__p__commode
_acmdln
free
__setusermatherr
_CxxThrowException
__getmainargs
??1type_info@@UAE@XZ
_CIsin

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

341f687ed9758a0d34bd1c43c605d717

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

comctl32

shlwapi

version

mpr

oledlg

gdiplus

msvcrt

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 41KB - Virtual size: 45KB

.rsrc Size: 105KB - Virtual size: 105KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 41KB - Virtual size: 45KB

.rsrc
Size: 105KB - Virtual size: 105KB

.reloc
Size: 14KB - Virtual size: 13KB