VirusShare_62d009987645a1be8ebde5a13baeb9af

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_62d009987645a1be8ebde5a13baeb9af
Size

141KB
MD5

62d009987645a1be8ebde5a13baeb9af
SHA1

5d5097fe048f8042895859da66da8a06178de22f
SHA256

84ad1b1153d1afa3b07e962646ae9679a92ed59ab96d0a735dd6f9e4b204f3c2
SHA512

c2675e0759e848407371b5e57147bb1a7db5c302af4b93226f5961f6ab7cc1bcc4691c06011cbe6c01e2a0ae3f822372a2162e4ca7958988c242b5356da4929e
SSDEEP

3072:aimyWmfEM1SkHgbdu3aC2gTBTyIH53zAFJJG8W3:a4qbkH0XC2gc4se3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_62d009987645a1be8ebde5a13baeb9af

Files

VirusShare_62d009987645a1be8ebde5a13baeb9af
.exe windows:3 windows x86 arch:x86

a42a36e8a6ccefc3a097bc522ef086fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemDirectoryA
_lopen
LoadLibraryA
GetConsoleCP
GetOEMCP
GetConsoleCP
GetConsoleCP
GetACP
MulDiv
_lread

msoert2

CreateLogFile
CreateNotify

dnsapi

DnsNameCompare_A
DnsNameCompare_UTF8
DnsNameCompare_W
DnsNameCopy
DnsNameCopyAllocate
DnsNotifyResolver
DnsNotifyResolverClusterIp
DnsNotifyResolverEx
DnsQueryConfig
DnsQueryConfigAllocEx
DnsQueryConfigDword
DnsQueryExA
DnsQueryExUTF8
DnsQueryExW
DnsQuery_A
DnsQuery_UTF8
DnsQuery_W
DnsRecordBuild_UTF8
DnsRecordBuild_W
DnsRecordCompare
DnsRecordCopyEx
DnsRecordListFree
DnsRecordSetCompare
DnsRecordSetCopyEx
DnsRecordSetDetach
DnsRecordStringForType
DnsRecordStringForWritableType
DnsRecordTypeForName
DnsReleaseContextHandle
DnsRemoveRegistrations
DnsReplaceRecordSetA
DnsReplaceRecordSetUTF8
DnsReplaceRecordSetW
DnsReplaceRecordSetW

msrating

RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess
RatingCheckUserAccess

Sections

.ser
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

prot
Size: 6KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nine
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tranl
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

med
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a42a36e8a6ccefc3a097bc522ef086fa

Headers

File Characteristics

Imports

kernel32

msoert2

dnsapi

msrating

Sections

.ser Size: 2KB - Virtual size: 5KB

prot Size: 6KB - Virtual size: 93KB

nine Size: 129KB - Virtual size: 128KB

tranl Size: 512B - Virtual size: 512B

med Size: 512B - Virtual size: 512B

.ser
Size: 2KB - Virtual size: 5KB

prot
Size: 6KB - Virtual size: 93KB

nine
Size: 129KB - Virtual size: 128KB

tranl
Size: 512B - Virtual size: 512B

med
Size: 512B - Virtual size: 512B