VirusShare_16d228974aba192210e8144fa1717904

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_16d228974aba192210e8144fa1717904
Size

178KB
MD5

16d228974aba192210e8144fa1717904
SHA1

e3f4e9dc76c2d395a03f422afd47a624e1cb5740
SHA256

da213065eea9f75bad76091e5ec113db92c7eeb21dc3a3e2c23ba7cdc659df30
SHA512

675ff3f099ac0e5fdddd29644898bd6bad49ba17ba6479189f83d76d811fdef029f35f5e32e9aac9f75718b08afde294757b83c57f9375b33f554f5800f40e90
SSDEEP

3072:ulBDOgOYgE1WSvBpJMEzkn/nV/S3ci1Urd22lQicnH6cM2t+/EUD8qZJW54f1U:ubHwnflSMNrXcHXtnUDbZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_16d228974aba192210e8144fa1717904

Files

VirusShare_16d228974aba192210e8144fa1717904
.exe windows:5 windows x86 arch:x86

f14657623b66650a380bb54de0c993e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
IsDebuggerPresent
LCMapStringW
SetFileAttributesA
EnumResourceTypesA
FindNextChangeNotification
GetDriveTypeA
LockFile
DuplicateHandle
RaiseException
EnumResourceLanguagesA
FlushFileBuffers
LoadLibraryExA
LocalFree
FreeEnvironmentStringsW
GetUserDefaultUILanguage
SetUnhandledExceptionFilter
GetStringTypeExA
HeapSetInformation
GetVolumeInformationA
HeapCreate
MulDiv
FindFirstChangeNotificationA
GlobalAlloc
EnumResourceNamesA
SetThreadPriority
FreeLibrary
CreateFileA
WriteFile
SetCurrentDirectoryA
RtlUnwind
CopyFileA
Sleep
_lcreat
IsValidCodePage
UnhandledExceptionFilter
GetCurrentProcessId
HeapFree
MultiByteToWideChar
FileTimeToLocalFileTime
GetFileTime
SystemTimeToFileTime
GetStringTypeW
FindCloseChangeNotification
CreateProcessA
CreateDirectoryA
GetStdHandle
FileTimeToDosDateTime
FindResourceW
EnterCriticalSection
GetProfileIntA
GetFileInformationByHandle
lstrlenW
GetTimeZoneInformation
GetPrivateProfileIntA
GetConsoleCP
lstrcpynA
CompareStringA
GetDiskFreeSpaceA
GlobalReAlloc
GlobalUnlock
SetPriorityClass
GetCommandLineA
LocalAlloc
TlsFree
GetOEMCP
SetEndOfFile
lstrcatA
GetNumberFormatA
LocalUnlock
GlobalFlags
GetConsoleMode
GetSystemDirectoryW
GetFileSize
WritePrivateProfileStringA
GlobalFree
WriteConsoleW
GetSystemInfo
_lwrite
InitializeCriticalSectionAndSpinCount
CreateThread
SetHandleCount
FindClose
GetCurrentThreadId
SuspendThread
LockResource
HeapQueryInformation
GetUserDefaultLangID
WideCharToMultiByte
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GetCurrentThread
FreeResource
QueryPerformanceCounter
IsProcessorFeaturePresent
HeapAlloc
CloseHandle
GetFullPathNameA
GlobalHandle
DeleteFileA
lstrcpyA
SizeofResource
ReplaceFileA
FindResourceExW
CompareStringW
DosDateTimeToFileTime
LocalReAlloc
GetTempFileNameA
GlobalFindAtomA
GetEnvironmentStringsW
GetFileAttributesExA
FormatMessageA
GetSystemDefaultUILanguage
InterlockedExchange
_lclose
CreateFileMappingA
DeleteCriticalSection
GetThreadLocale
lstrcmpA
GetModuleFileNameW
GetDriveTypeW
OpenFile
GetProcessHeap
SetEvent
QueryPerformanceFrequency
CreateFileW
CompareFileTime
TerminateProcess
CreateEventA
InterlockedDecrement
GlobalGetAtomNameA
LocalFileTimeToFileTime
GetLocaleInfoA
GetFileType
lstrlenA
lstrcmpiA
FindFirstFileA
SetErrorMode
TlsAlloc
GetCurrentDirectoryW
GetShortPathNameA
GetFileAttributesA
GlobalLock
LeaveCriticalSection
lstrcmpW
TlsSetValue
FileTimeToSystemTime
HeapSize
GetPrivateProfileStringA
ResetEvent
SearchPathA
FindFirstFileExA
_lread
FindNextFileA
WaitForMultipleObjects
WaitForSingleObject
LoadLibraryA
MapViewOfFile
SetStdHandle
RemoveDirectoryA
GetCurrentDirectoryA
GetFileSizeEx
GlobalDeleteAtom
InitializeCriticalSection
SetFileTime
GetModuleFileNameA
TlsGetValue
MoveFileA
ResumeThread
InterlockedIncrement
SetFilePointer
GetCPInfo
UnlockFile
GetModuleHandleA
ConvertDefaultLocale
GetVersionExA
FindResourceExA
LocalLock
GetStartupInfoW
FindResourceA
GetLocalTime
GlobalSize
SetLastError
GetTempPathA
GetLastError
LoadResource
AreFileApisANSI
VirtualProtect
CancelIo
SetEnvironmentVariableA
AddAtomA
AddAtomW
OpenWaitableTimerA
GetProcAddress
GetACP
LoadLibraryW
GetModuleHandleW
GetCurrentProcess
WinExec
GlobalAddAtomA

user32

GetWindowTextW
PostQuitMessage
DestroyMenu
CharNextW
RemoveMenu
GetMonitorInfoW
GetClassNameW
ShowWindow
GetWindowLongW
MessageBeep
GetMenuItemCount
DestroyCursor
UnregisterClassA
UpdateLayeredWindow
TranslateAcceleratorW
ReleaseDC
GetWindowThreadProcessId
GetWindow
PtInRect
GetMessageW
LoadMenuW
KillTimer
TrackPopupMenuEx
TranslateMessage
LoadImageW
EnumChildWindows
LoadCursorW
DrawTextW
GetFocus
LoadStringW
GetWindowRect
SetFocus
GetParent
SendMessageW
MonitorFromWindow
SetWindowTextW
MonitorFromPoint
PostMessageW
ScreenToClient
GetMenuItemInfoW
SetWindowLongW
IsWindow
SetForegroundWindow
LoadStringA
LoadIconA
GetKeyboardLayout
CharLowerA
IsWindowUnicode
GetDesktopWindow
GetClientRect
SetCursor
EnumWindows
GetCursorPos
TrackMouseEvent
SetTimer
InvalidateRect
DispatchMessageW
CallWindowProcW
PeekMessageW
SetWindowPos
GetWindowDC
DefWindowProcW
AppendMenuW
CreatePopupMenu
MapWindowPoints

advapi32

RegSetValueExW
RegOpenKeyW
RegisterServiceCtrlHandlerExW
DuplicateTokenEx
OpenServiceW
SetServiceStatus
DeregisterEventSource
SetEntriesInAclW
CreateServiceW
RegCloseKey
ControlService
StartServiceW
RegOpenKeyExW
RegEnumKeyW
RegCreateKeyW
OpenSCManagerW
SetTokenInformation
EnumDependentServicesW
RegQueryValueExW
ReportEventW
CloseServiceHandle
GetNamedSecurityInfoW
CreateProcessAsUserW
ChangeServiceConfigW
RevertToSelf
StartServiceCtrlDispatcherW
OpenProcessToken
QueryServiceStatusEx
GetTokenInformation
RegCreateKeyExW
DeleteService
BuildExplicitAccessWithNameW
RegisterEventSourceW
SetNamedSecurityInfoW

shell32

SHGetMalloc
SHEmptyRecycleBinW
SHGetSpecialFolderPathW

ole32

CoInitialize

shlwapi

PathRemoveFileSpecW
PathCombineW
PathQuoteSpacesW
PathFindFileNameW
PathAppendW
StrStrIW
PathFileExistsW

version

VerQueryValueW

oledlg

ord8
OleUIBusyW

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

psapi

GetModuleBaseNameA
GetModuleInformation
GetModuleFileNameExW

msvcrt

_CIsin
_except_handler3
__set_app_type
_exit
exit

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f14657623b66650a380bb54de0c993e0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 18KB - Virtual size: 81KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 18KB - Virtual size: 81KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 5KB - Virtual size: 5KB