VirusShare_7e3a497f76a5f81c10ef3d7e387c6f46

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_7e3a497f76a5f81c10ef3d7e387c6f46
Size

174KB
MD5

7e3a497f76a5f81c10ef3d7e387c6f46
SHA1

363fb731b0c7c717879de05fb58dbf79e8d74476
SHA256

8ae0067a6349c05c261217f201565c1b05120d6fd14003a7118a95c1e9cd89de
SHA512

84070dc66e104ddd88addd163605fd88158c75a9a8590fe5483e40861f474d825b9270dc9ce028278e073e4e84196280b710dfd0a87e14f2430a193a8de116c3
SSDEEP

3072:GROWGXrk2GQ444U7cGcg3301OUBcL7FyBErdwBLKXN86UEO:GUP7kf4RdnOuyqSLKO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_7e3a497f76a5f81c10ef3d7e387c6f46

Files

VirusShare_7e3a497f76a5f81c10ef3d7e387c6f46
.exe windows:5 windows x86 arch:x86

89a0214d017bca5a842c88bf6034ae2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
LoadLibraryExA
GetCPInfo
SetHandleCount
GetUserDefaultLangID
GetNumberFormatA
GetModuleFileNameA
CreateFileMappingA
GetCurrentProcess
FindFirstFileA
GlobalSize
EnterCriticalSection
HeapFree
GlobalAlloc
FileTimeToLocalFileTime
GlobalDeleteAtom
GetOEMCP
CompareStringW
GetVersionExA
CompareFileTime
GetLocaleInfoA
lstrcmpiA
SizeofResource
FreeLibrary
CreateEventA
GetThreadLocale
FindNextChangeNotification
lstrcpyA
UnlockFile
HeapReAlloc
WriteFile
LocalFileTimeToFileTime
GetLastError
lstrcmpW
GetCurrentDirectoryA
TerminateProcess
SetFilePointer
FindCloseChangeNotification
RemoveDirectoryA
FileTimeToSystemTime
GetFileInformationByHandle
GetProcAddress
InitializeCriticalSection
lstrcpynA
LoadLibraryW
GetShortPathNameA
GetSystemInfo
WaitForMultipleObjects
RtlUnwind
HeapSetInformation
GlobalUnlock
InterlockedExchange
TlsFree
SetCurrentDirectoryA
GetFileSizeEx
MulDiv
GetModuleHandleA
GetVolumeInformationA
Sleep
SetErrorMode
lstrlenW
_lclose
HeapCreate
GetTempPathA
FindClose
WaitForSingleObject
SystemTimeToFileTime
ReplaceFileA
GetCommandLineA
lstrcmpA
FindNextFileA
GetFileSize
GlobalHandle
VirtualAlloc
FileTimeToDosDateTime
TlsGetValue
VirtualProtect
GetFileTime
GlobalGetAtomNameA
FlushFileBuffers
GlobalReAlloc
HeapQueryInformation
GetConsoleMode
VirtualQuery
SearchPathA
GetSystemDirectoryW
GetSystemTimeAsFileTime
SetFileAttributesA
UnmapViewOfFile
GlobalFindAtomA
CreateFileA
ConvertDefaultLocale
MoveFileA
SuspendThread
ResetEvent
FindResourceExW
FormatMessageA
lstrlenA
OpenFile
GetEnvironmentStringsW
GetUserDefaultUILanguage
DeleteFileA
EnumResourceNamesA
ResumeThread
GlobalAddAtomA
GetTickCount
GetStringTypeW
GetStringTypeExA
GetStdHandle
GetModuleFileNameW
SetThreadPriority
GetDiskFreeSpaceA
CreateFileW
SetFileTime
QueryPerformanceCounter
GetCurrentProcessId
EnumResourceTypesA
WinExec
HeapAlloc
GetFileAttributesA
FreeResource
WritePrivateProfileStringA
LoadResource
EnumResourceLanguagesA
GetDriveTypeA
SetPriorityClass
GetProfileIntA
FindResourceExA
GetCurrentDirectoryW
WriteConsoleW
FindResourceW
IsProcessorFeaturePresent
TlsAlloc
ReadFile
ExitProcess
LCMapStringW
GetFileAttributesExA
DeleteCriticalSection
QueryPerformanceFrequency
GetPrivateProfileStringA
ExitThread
GetFileType
GetDriveTypeW
InterlockedIncrement
_lread
LocalUnlock
GetFullPathNameA
GetCurrentThreadId
GetACP
GlobalFlags
SetLastError
LocalReAlloc
GetStartupInfoW
GetSystemDirectoryA
FindFirstFileExA
LockResource
GlobalLock
GlobalFree
CloseHandle
FindResourceA
CreateDirectoryA
RaiseException
CreateThread
CopyFileA
GetCurrentThread
WideCharToMultiByte
LockFile
GetEnvironmentVariableW
LoadLibraryExW
VirtualProtectEx
OpenWaitableTimerW
AddAtomW
CancelIo
GetVersion
GlobalAddAtomW
GetPrivateProfileIntA
IsValidCodePage
TlsSetValue
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
SetEnvironmentVariableA
MapViewOfFile
DosDateTimeToFileTime
CompareStringA
GetLocalTime
GetConsoleCP
SetEndOfFile
SetEvent
GetTimeZoneInformation
LeaveCriticalSection
UnhandledExceptionFilter
_lwrite
LocalLock
IsDebuggerPresent
lstrcatA
MultiByteToWideChar
InterlockedDecrement
FindFirstChangeNotificationA
CreateProcessA
LocalFree
_lcreat
GetTempFileNameA
GetSystemDefaultUILanguage
SetStdHandle
GetWindowsDirectoryA
LocalAlloc
GetProcessHeap
LoadLibraryA
HeapSize
FreeEnvironmentStringsW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount

user32

IsWindowVisible
wsprintfW
CharUpperA
SetForegroundWindow
LoadStringA
LoadIconA

advapi32

OpenSCManagerW
GetTokenInformation
OpenServiceW
DeregisterEventSource
ControlService
GetNamedSecurityInfoW
CloseServiceHandle
DuplicateTokenEx
RegSetValueExW
RegisterServiceCtrlHandlerExW
SetServiceStatus
BuildExplicitAccessWithNameW
RevertToSelf
StartServiceW
OpenProcessToken
RegOpenKeyExW
StartServiceCtrlDispatcherW
CreateServiceW
CreateProcessAsUserW
DeleteService
RegQueryValueExW
RegEnumKeyW
SetEntriesInAclW
QueryServiceStatusEx
RegCreateKeyW
ReportEventW
RegCreateKeyExW
RegisterEventSourceW
RegCloseKey
SetNamedSecurityInfoW
EnumDependentServicesW
ChangeServiceConfigW
RegOpenKeyW
SetTokenInformation

shell32

SHGetMalloc
SHEmptyRecycleBinW
SHGetSpecialFolderPathW

ole32

CoInitialize

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
StrStrIW
PathQuoteSpacesW
PathAppendW

version

VerQueryValueW

oledlg

ord8

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

psapi

GetModuleInformation
GetModuleFileNameExW

msvcrt

__set_app_type
exit
_CIsin
_except_handler3

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89a0214d017bca5a842c88bf6034ae2f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

userenv

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 43KB - Virtual size: 139KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 43KB - Virtual size: 139KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 10KB - Virtual size: 10KB