VirusShare_8d46263135f36dbb74b76f41fa281a03

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_8d46263135f36dbb74b76f41fa281a03
Size

213KB
MD5

8d46263135f36dbb74b76f41fa281a03
SHA1

5345b95eeffb840a6623d210843f571bada6b4cf
SHA256

94e046790c870fad97efce83d368211b3f58d6771d642c2353a44a64d6000023
SHA512

2325f43646781022b2ef1aa6a643275029981a99de4f86819b705b0ffc63344f10fe11cd2560f1b6aa5b9229dbf62f23aedb1b92feab04e4748aad573ae1bf7e
SSDEEP

6144:2nwjd9P3sSlp8rGUNZdFdmriblEedlZoLsaowllkuCc:2wBx3sY8r9NZd5bl3lZowgHs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_8d46263135f36dbb74b76f41fa281a03

Files

VirusShare_8d46263135f36dbb74b76f41fa281a03
.exe windows:5 windows x86 arch:x86

bacb7a309a91ee92cfec7e92715ba206

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
InterlockedDecrement
InterlockedIncrement
GetOEMCP
HeapSetInformation
HeapReAlloc
SetThreadPriority
WinExec
GetCPInfo
GetNumberFormatA
GlobalLock
IsDebuggerPresent
GetCurrentThread
GetStartupInfoW
lstrlenW
ReplaceFileA
GlobalAlloc
lstrcpynA
LockResource
lstrcatA
FindCloseChangeNotification
SystemTimeToFileTime
TlsAlloc
HeapQueryInformation
FindClose
SetStdHandle
GetVersionExA
GetConsoleMode
GetEnvironmentStringsW
GetCommandLineA
GetFileSizeEx
CreateThread
FileTimeToDosDateTime
CompareFileTime
DuplicateHandle
WideCharToMultiByte
FindResourceW
IsProcessorFeaturePresent
SetFileAttributesA
SetEvent
GlobalReAlloc
FindNextFileA
GlobalDeleteAtom
GetSystemDirectoryW
GetUserDefaultLangID
CreateDirectoryA
SetFileTime
ResumeThread
LeaveCriticalSection
CopyFileA
DosDateTimeToFileTime
CloseHandle
LocalLock
InterlockedExchange
LockFile
_lwrite
GetStringTypeExA
GetModuleFileNameW
ConvertDefaultLocale
FindFirstFileExA
GetVolumeInformationA
FindResourceA
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetDiskFreeSpaceA
SetHandleCount
QueryPerformanceCounter
MoveFileA
RemoveDirectoryA
FreeLibrary
GetCurrentThreadId
FindFirstChangeNotificationA
TlsGetValue
LoadLibraryExA
SetFilePointer
GetThreadLocale
OpenFile
CompareStringA
LoadLibraryA
EnumResourceLanguagesA
GetSystemTimeAsFileTime
RtlUnwind
FlushFileBuffers
WriteConsoleW
GetCurrentDirectoryA
CreateProcessA
SetUnhandledExceptionFilter
SizeofResource
LCMapStringW
GetPrivateProfileStringA
EnumResourceTypesA
LocalReAlloc
GetSystemInfo
CreateFileA
CreateEventA
GetDriveTypeW
SetEndOfFile
GetTimeZoneInformation
GetModuleFileNameA
GetSystemDefaultUILanguage
GetWindowsDirectoryA
GetFileInformationByHandle
GetDriveTypeA
GlobalHandle
MultiByteToWideChar
GetProfileIntA
SetLastError
FindResourceExW
lstrcmpiA
WaitForMultipleObjects
GlobalFlags
GetStdHandle
GetFileAttributesExA
GetModuleHandleA
Sleep
GetLastError
GetCurrentDirectoryW
FreeEnvironmentStringsW
LoadResource
ResetEvent
QueryPerformanceFrequency
GetCurrentProcessId
GlobalSize
FindResourceExA
GetShortPathNameA
TerminateProcess
SetCurrentDirectoryA
GetConsoleCP
FreeResource
FormatMessageA
lstrlenA
WriteFile
_lread
GetFullPathNameA
_lcreat
ExpandEnvironmentStringsA
GetFileAttributesA
InitializeCriticalSection
WaitForSingleObject
FileTimeToSystemTime
lstrcpyA
GlobalFindAtomA
DeleteCriticalSection
LocalUnlock
SetPriorityClass
CompareStringW
EnterCriticalSection
FindFirstFileA
EnumResourceNamesA
HeapSize
lstrcmpW
CreateFileMappingA
GetPrivateProfileIntA
SuspendThread
MapViewOfFile
GetFileType
lstrcmpA
LocalAlloc
GetLocalTime
GlobalUnlock
IsValidCodePage
WritePrivateProfileStringA
LocalFree
GetUserDefaultUILanguage
GetStringTypeW
GetLocaleInfoA
DeleteFileA
_lclose
MulDiv
UnhandledExceptionFilter
HeapFree
CreateFileW
GetProcessHeap
GetFileTime
RaiseException
UnlockFile
GlobalGetAtomNameA
GetTempPathA
LocalFileTimeToFileTime
TlsFree
SetErrorMode
GetFileSize
FindNextChangeNotification
FileTimeToLocalFileTime
SearchPathA
GetTempFileNameA
TlsSetValue
HeapCreate
AreFileApisANSI
GlobalAddAtomW
VirtualProtect
SetEnvironmentVariableA
AddAtomA
OpenWaitableTimerW
OpenWaitableTimerA
GetProcAddress
GetACP
LoadLibraryW
GetModuleHandleW
CancelWaitableTimer
GetCurrentProcess
GlobalFree
GlobalAddAtomA

user32

TranslateAcceleratorW
PtInRect
DefWindowProcW
KillTimer
MonitorFromPoint
GetClientRect
UpdateLayeredWindow
GetMenuItemCount
DestroyCursor
RemoveMenu
GetClassNameW
SetCursor
LoadMenuW
LoadCursorW
SetTimer
SetFocus
GetMonitorInfoW
DestroyMenu
GetCursorPos
MessageBeep
GetWindowTextW
ShowWindow
EnumChildWindows
GetWindowRect
SetWindowTextW
GetParent
SetWindowPos
AppendMenuW
ScreenToClient
SetWindowLongW
MapWindowPoints
CreatePopupMenu
InvalidateRect
CallWindowProcW
IsWindow
SendMessageW
DrawTextW
GetWindowThreadProcessId
DispatchMessageW
TranslateMessage
PeekMessageW
LoadStringW
UnregisterClassA
SetForegroundWindow
LoadStringA
LoadIconA
CharUpperA
GetForegroundWindow
GetKeyboardLayout
IsWindowUnicode
GetDesktopWindow
GetWindowDC
GetFocus
TrackPopupMenuEx
GetWindow
CharNextW
LoadImageW
ReleaseDC
EnumWindows
TrackMouseEvent
PostMessageW
PostQuitMessage
GetMenuItemInfoW
MonitorFromWindow
GetMessageW
GetWindowLongW

advapi32

DeleteService
RegOpenKeyW
RegOpenKeyExW
SetNamedSecurityInfoW
RegCreateKeyExW
OpenProcessToken
GetTokenInformation
OpenSCManagerW
ChangeServiceConfigW
RevertToSelf
SetServiceStatus
OpenServiceW
RegCloseKey
StartServiceW
CreateServiceW
RegQueryValueExW
QueryServiceStatusEx
CreateProcessAsUserW
GetNamedSecurityInfoW
SetTokenInformation
EnumDependentServicesW
ReportEventW
RegisterServiceCtrlHandlerExW
RegCreateKeyW
BuildExplicitAccessWithNameW
ControlService
StartServiceCtrlDispatcherW
SetEntriesInAclW
CloseServiceHandle
DuplicateTokenEx
DeregisterEventSource
RegSetValueExW
RegisterEventSourceW
RegEnumKeyW

shell32

SHGetSpecialFolderPathW
SHEmptyRecycleBinW
SHGetMalloc

ole32

CoInitialize

shlwapi

PathRemoveFileSpecW
PathQuoteSpacesW
PathCombineW
PathFileExistsW
PathAppendW
PathFindFileNameW
StrStrIW

version

VerQueryValueW

oledlg

ord8

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

psapi

GetModuleInformation
GetModuleFileNameExW

msvcrt

_exit
__set_app_type
_CIsin
_except_handler3

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bacb7a309a91ee92cfec7e92715ba206

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

userenv

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 19KB - Virtual size: 91KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 19KB - Virtual size: 91KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 5KB - Virtual size: 5KB