VirusShare_6a83a846244ddb4203902127294fd995

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_6a83a846244ddb4203902127294fd995
Size

196KB
MD5

6a83a846244ddb4203902127294fd995
SHA1

3aefc8c14d05ba03e56a79a3f3b0083928f8260b
SHA256

8131c49c9bf1746d8a62d00688fe06b5e0486c432cf04fb9551417400dcce641
SHA512

9a2c7105c377309917d4ade88d2ec2d0b9167dd1ee2a98963142134181157d6a268cb26d47fcf9858edff22b5bafc34904468e8ec90769603772fbb1e173052d
SSDEEP

3072:05LzbCcURim6TdEYd+bcsO8Dbu0V+DE55i/47CO7YgoFgIhpAhpqIM:HcImqYcbcstDbYy5hC8oFlQr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
VirusShare_6a83a846244ddb4203902127294fd995

Files

VirusShare_6a83a846244ddb4203902127294fd995
.exe windows:4 windows x86 arch:x86

e9220830acc9ceb00a9e1322cbb1f107

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetComputerNameW
CreateProcessA
CompareStringW
HeapReAlloc
GetFileInformationByHandle
LocalSize
HeapUnlock

user32

SetWindowPlacement
SetCapture
GetDC
DrawIcon
GetParent
GetCapture
SetRectEmpty
CharUpperA
IsClipboardFormatAvailable
GetKeyboardLayoutList
GetWindowLongA
RegisterHotKey
ReleaseDC
AppendMenuW
GetMessagePos
IsWindowEnabled
SetWindowLongA
DdeConnect
CheckRadioButton
IsMenu
DrawTextA
mouse_event
MapVirtualKeyExW
SendInput
GetScrollPos
GetMenu
LoadIconA
DrawStateA
IsDlgButtonChecked
wvsprintfA
FindWindowW
ShowCursor
PtInRect
GetQueueStatus
CharPrevA
LoadAcceleratorsA
IsWindowVisible
MapWindowPoints
CharNextA
IsZoomed
MoveWindow
LockWindowUpdate
GetMenuItemID
GetCaretPos
GetForegroundWindow
GetDlgCtrlID
EnableWindow
ShowCaret
SetClassLongW
ClientToScreen
FindWindowExW
DialogBoxIndirectParamW
CharLowerW
DestroyMenu
GetScrollInfo
DrawIconEx
BeginDeferWindowPos
GetMessageA
CharPrevW
GetKeyState
SetKeyboardState
EmptyClipboard
DrawStateW
GetSysColorBrush
GetKeyNameTextW
GetClassNameW
GetDlgItemInt
WinHelpA
DrawTextExA
DefFrameProcW
GetLastActivePopup
SetMenuDefaultItem
SendDlgItemMessageA
LoadMenuW
CharToOemA
MessageBoxA
UnionRect
RegisterWindowMessageA
GetClassNameA
DeferWindowPos
FillRect
GetMenuState
GetProcessWindowStation
DefWindowProcA
GetCursorPos
SetWindowTextA
GetDlgItem

advapi32

OpenProcessToken
RegSetValueExW
AddAce
GetLengthSid
RevertToSelf
ReportEventW
RegCreateKeyW
OpenThreadToken
GetAce
GetUserNameA
RegQueryInfoKeyW
InitializeSid
CopySid
RegQueryValueA
RegUnLoadKeyW
SetSecurityDescriptorGroup
LsaQueryInformationPolicy
GetKernelObjectSecurity
RegisterEventSourceA
RegEnumKeyW
RegCreateKeyExA
RegOpenKeyExW
LsaFreeMemory
CloseServiceHandle
OpenSCManagerW
AllocateAndInitializeSid
SetSecurityDescriptorSacl
RegRestoreKeyW
AdjustTokenPrivileges
ControlService
StartServiceA
RegCreateKeyA
MakeAbsoluteSD
RegCloseKey
SetEntriesInAclW
QueryServiceConfigW
RegSetValueA
InitiateSystemShutdownA
RegDeleteKeyA
EnumDependentServicesA
LookupPrivilegeValueW

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9220830acc9ceb00a9e1322cbb1f107

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 32KB - Virtual size: 144KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 32KB - Virtual size: 144KB

.rsrc
Size: 48KB - Virtual size: 45KB