Static task: static1
Behavioral task: behavioral1
Sample: VirusShare_31b529d1c3a02e0f1e1cf20bfa2da1be.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: VirusShare_31b529d1c3a02e0f1e1cf20bfa2da1be.exe
Resource: win10v2004-20240426-en
General
Target: VirusShare_31b529d1c3a02e0f1e1cf20bfa2da1be
Size: 108KB
MD5: 31b529d1c3a02e0f1e1cf20bfa2da1be
SHA1: 8ee77fd172d470105316065e101de003a9a8c06e
SHA256: 9b84c2ef77b3c645bb643ee79de02a8a77eb81d79874cd6606edccd56314235b
SHA512: 18b24355a2b0c31c9fe418d8891ed4f6f6689d983289cb8f8a9edc7500aad950726fd0f6c7affd25a13393cea386244696c3ba290614a839807e877e4d82fbcc
SSDEEP: 1536:gntW+25LOq3FLpnlWOBuoiL7tNJBdHL1rRTMpWLIiyO18jt31hkHs80xwjf7OwpX:MS5d3DZs7tvHLgp4Iw8jtlhYB0xqD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare_31b529d1c3a02e0f1e1cf20bfa2da1be
Files
VirusShare_31b529d1c3a02e0f1e1cf20bfa2da1be.exe windows:4 windows x86 arch:x86
11dd67147d7d73026880657cc1016518
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetContext
ImmIsIME
user32
MapWindowPoints
OemToCharBuffA
LoadBitmapW
RegisterClipboardFormatW
SetRectEmpty
PostThreadMessageA
ShowWindow
TrackPopupMenu
PostMessageW
OffsetRect
RegisterClassExW
SetScrollPos
IsWindowVisible
SetClassLongW
TranslateAcceleratorW
SetClipboardData
IsCharAlphaW
kernel32
LZDone
LZDone
EnterCriticalSection
FindAtomA
CreateProcessA
gdi32
GetObjectType
CreatePenIndirect
PatBlt
SaveDC
GetTextAlign
MoveToEx
RestoreDC
GetCharWidthA
SetDIBColorTable
CreateICA
SetViewportExtEx
DPtoLP
GetTextColor
SetROP2
GetRgnBox
GetTextCharsetInfo
SetWindowExtEx
GetPixel
GetTextExtentPoint32A
RectVisible
ExtCreatePen
CreateCompatibleBitmap
GetDIBColorTable
GetBrushOrgEx
GetWindowOrgEx
SetBkMode
CreateFontA
GetTextMetricsA
GetObjectA
CreateDIBPatternBrushPt
SetPolyFillMode
GetTextExtentPoint32W
DeleteObject
ExtEscape
CreateFontIndirectW
winmm
waveInMessage
mmioOpenA
waveInGetID
waveInReset
advapi32
GetSidIdentifierAuthority
RegisterServiceCtrlHandlerA
RegQueryValueW
MakeAbsoluteSD
AddAce
CloseServiceHandle
InitializeSecurityDescriptor
InitiateSystemShutdownA
LookupPrivilegeValueW
DeleteService
GetKernelObjectSecurity
RegCreateKeyW
QueryServiceStatus
RegSetValueExW
OpenSCManagerA
SetSecurityDescriptorOwner
SetSecurityDescriptorSacl
LookupAccountNameW
StartServiceA
CreateServiceW
RegQueryInfoKeyW
RegisterEventSourceA
ChangeServiceConfigW
OpenSCManagerW
StartServiceCtrlDispatcherW
RevertToSelf
LsaQueryInformationPolicy
CopySid
RegDeleteKeyA
AllocateAndInitializeSid
QueryServiceConfigW
RegCreateKeyA
mpr
WNetCancelConnection2W
WNetGetUniversalNameA
WNetOpenEnumA
WNetOpenEnumW
version
GetFileVersionInfoA
imagehlp
SymGetSymFromAddr
MapFileAndCheckSumA
ImageGetDigestStream
EnumerateLoadedModules
ImageDirectoryEntryToData
MapFileAndCheckSumW
SymLoadModule
Sections
.text Size: 72KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ