VirusShare_66bb8d1814aec795f1fde10d2bcbc950

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_66bb8d1814aec795f1fde10d2bcbc950
Size

152KB
MD5

66bb8d1814aec795f1fde10d2bcbc950
SHA1

15c07ca4068d9118c229ad6c835a54a8cb0902e4
SHA256

22a10452eb35ab4eff0151a23790ff27467fc18c0b86cdc5b07febc2a0d3cd24
SHA512

329929128e860c4a7dbe6d36e358a29707fa2c865f6688e40dd56c828b8e54d25ecd84837ee534bb0a5068398838eee5f811ff4fc86e34caaa4b403ffc8dd66b
SSDEEP

3072:X5pyRWCd7e/7sUBajHTkZxc2vaq58jG929uFfE:XDyRWYeDsUHEbAeGsQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_66bb8d1814aec795f1fde10d2bcbc950

Files

VirusShare_66bb8d1814aec795f1fde10d2bcbc950
.exe windows:5 windows x86 arch:x86

0256bc65d520daeb6545dbc24a8998c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetFileTime
SetHandleCount
GetStringTypeW
RemoveDirectoryA
HeapFree
InterlockedExchange
GetCurrentDirectoryA
GetModuleFileNameA
FormatMessageA
GlobalFree
DuplicateHandle
lstrcatA
WriteConsoleW
LockResource
LoadLibraryW
GetOEMCP
GetCommandLineA
LocalLock
GetCPInfo
MulDiv
GetFileTime
SetPriorityClass
GetCurrentThread
LocalReAlloc
FileTimeToSystemTime
lstrcmpW
GetModuleFileNameW
LocalFree
CompareStringW
CreateEventA
SystemTimeToFileTime
SetFileAttributesA
HeapAlloc
SetCurrentDirectoryA
GetProfileIntA
ConvertDefaultLocale
QueryPerformanceFrequency
ResetEvent
LoadLibraryExA
GetShortPathNameA
MultiByteToWideChar
GetFileInformationByHandle
GetCurrentProcess
CreateProcessA
InterlockedIncrement
GetCurrentDirectoryW
UnlockFile
FlushFileBuffers
TlsAlloc
RtlUnwind
FindFirstChangeNotificationA
FileTimeToDosDateTime
GlobalUnlock
SearchPathA
SetFilePointer
CreateDirectoryA
GlobalReAlloc
DeleteCriticalSection
IsValidCodePage
FindResourceExA
GetPrivateProfileIntA
GetVersionExA
CompareStringA
EnumResourceLanguagesA
LCMapStringW
SetEvent
GlobalFlags
GetModuleHandleW
GetSystemDefaultUILanguage
lstrcmpiA
GetStdHandle
GetFileSizeEx
Sleep
LocalUnlock
HeapCreate
LocalAlloc
SuspendThread
OpenFile
ExpandEnvironmentStringsA
WinExec
GetPrivateProfileStringA
GetSystemTimeAsFileTime
CompareFileTime
HeapQueryInformation
FileTimeToLocalFileTime
CreateFileMappingA
LocalFileTimeToFileTime
GetACP
GetFileType
GetTempFileNameA
SetEndOfFile
GetVolumeInformationA
DosDateTimeToFileTime
InitializeCriticalSectionAndSpinCount
TlsFree
GetSystemDirectoryW
InterlockedDecrement
GetFileAttributesExA
ResumeThread
FindCloseChangeNotification
WriteFile
WritePrivateProfileStringA
GetConsoleCP
GetDriveTypeA
CreateFileW
GetDriveTypeW
lstrcpyA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
TlsSetValue
TlsGetValue
FreeResource
GlobalAddAtomA
GlobalLock
GlobalDeleteAtom
lstrcpynA
CreateFileA
MoveFileA
UnhandledExceptionFilter
FindResourceA
GetFullPathNameA
GlobalFindAtomA
GetWindowsDirectoryA
IsDebuggerPresent
FindNextChangeNotification
HeapSize
GetLastError
CloseHandle
GetUserDefaultLangID
MapViewOfFile
QueryPerformanceCounter
HeapSetInformation
GetStartupInfoW
LeaveCriticalSection
GetTimeZoneInformation
GetProcAddress
lstrlenA
SetThreadPriority
FindResourceExW
GetNumberFormatA
SetStdHandle
GlobalHandle
InitializeCriticalSection
CreateThread
WideCharToMultiByte
GetDiskFreeSpaceA
GetLocalTime
lstrlenW
GlobalGetAtomNameA
EnterCriticalSection
SetErrorMode
GetLocaleInfoA
RaiseException
SizeofResource
GetStringTypeExA
GetEnvironmentStringsW
GetSystemInfo
TerminateProcess
GetConsoleMode
LockFile
GetThreadLocale
GetFileAttributesA
GlobalSize
IsProcessorFeaturePresent
SetLastError
lstrcmpA
GetUserDefaultUILanguage
DeleteFileA
LoadResource
GetCurrentThreadId
SetEnvironmentVariableA
CopyFileA
GetProcessHeap
WaitForSingleObject
GetFileSize
GetTempPathA
LoadLibraryA
FindResourceW
WaitForMultipleObjects
VirtualProtect
GetModuleHandleA
GlobalFindAtomW
FindAtomA
GetTickCount
GetCurrentProcessId

user32

MonitorFromWindow
EnumChildWindows
DrawTextW
CallWindowProcW
DispatchMessageW
MessageBeep
GetMenuItemCount
PostQuitMessage
GetMenuItemInfoW
CreatePopupMenu
GetFocus
GetWindowThreadProcessId
GetCursorPos
KillTimer
GetMonitorInfoW
TranslateMessage
SendMessageW
SetWindowTextW
GetClassNameW
TranslateAcceleratorW
CharNextW
SetCursor
LoadImageW
SetTimer
LoadCursorW
ShowWindow
SetWindowPos
PostMessageW
ScreenToClient
SetFocus
InvalidateRect
GetWindowLongW
SetWindowLongW
GetClientRect
GetParent
UnregisterClassA
PeekMessageW
TrackPopupMenuEx
MapWindowPoints
AppendMenuW
GetMessageW
MonitorFromPoint
ReleaseDC
EnumWindows
DestroyWindow
LoadStringA
LoadIconA
IsWindowEnabled
CharLowerW
GetForegroundWindow
GetKeyboardLayout
IsWindowVisible
EnableWindow
GetWindowTextW
DefWindowProcW
UpdateLayeredWindow
DestroyMenu
LoadMenuW
TrackMouseEvent
GetWindowRect
RemoveMenu
GetWindowDC
GetWindow
LoadStringW
DestroyCursor
PtInRect
IsWindow

gdi32

CloseFigure
BeginPath
AddFontMemResourceEx

advapi32

StartServiceCtrlDispatcherW
RevertToSelf
BuildExplicitAccessWithNameW
RegisterEventSourceW
RegOpenKeyA
SetServiceStatus
RegQueryValueExW
RegCloseKey
ReportEventW
QueryServiceStatusEx
CreateProcessAsUserW
ControlService
DeleteService
RegCreateKeyExW
RegCreateKeyW
GetNamedSecurityInfoW
OpenServiceW
GetTokenInformation
OpenSCManagerW
SetNamedSecurityInfoW
DeregisterEventSource
SetEntriesInAclW
RegSetValueExW
CloseServiceHandle
ChangeServiceConfigW
RegisterServiceCtrlHandlerExW
OpenProcessToken
RegOpenKeyExW
DuplicateTokenEx
CreateServiceW
EnumDependentServicesW
RegEnumKeyW
SetTokenInformation
StartServiceW

shell32

SHGetSpecialFolderPathW
SHEmptyRecycleBinW

ole32

CoInitialize

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathQuoteSpacesW
PathCombineW
PathRemoveFileSpecW
StrStrIW

version

VerQueryValueW

oledlg

OleUIBusyW
ord8

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

psapi

GetModuleFileNameExW
GetModuleInformation

msvcrt

_CIsin
_CIcos
exit
_except_handler3
free
malloc
__set_app_type

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data5
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0256bc65d520daeb6545dbc24a8998c4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

Sections

.text Size: 69KB - Virtual size: 68KB

.data5 Size: 512B - Virtual size: 4B

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 26KB - Virtual size: 69KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 69KB - Virtual size: 68KB

.data5
Size: 512B - Virtual size: 4B

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 26KB - Virtual size: 69KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 8KB - Virtual size: 7KB