VirusShare_23f7c3286733f0e9d0adebfb9c5c3455

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_23f7c3286733f0e9d0adebfb9c5c3455
Size

189KB
MD5

23f7c3286733f0e9d0adebfb9c5c3455
SHA1

12a79da63bc9f4a43c7c93e952a39685f83678ca
SHA256

cb2d3c138d6bb073493e68660a2f007605ffd57200cfd9d10a4ee5542f548ccf
SHA512

b60d3ef0d66e0527a171d3c9ee7fbaface78c90d6cfa10e580aa581120b1d866b679232618348c569b9506ce90d727e3f3f2584e71ae68fff95b6b47cf186912
SSDEEP

3072:79GFTvoW7VwyV2ZpHsV6hWH9WHKESB/hl+aYSHEZ66D5:79GjpMHsV6UkqxFyaYUEZFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_23f7c3286733f0e9d0adebfb9c5c3455

Files

VirusShare_23f7c3286733f0e9d0adebfb9c5c3455
.dll windows:4 windows x86 arch:x86

d66ca258457f7f05f8f9930d90e20013

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceNamesW
CallNamedPipeA
OpenWaitableTimerW
GetLogicalDrives
GetShortPathNameW
DebugActiveProcess
FlushInstructionCache
UnregisterWaitEx
GetCommState
SetThreadPriorityBoost
GetThreadPriority
WinExec
EnumDateFormatsExA
VirtualAlloc
GlobalGetAtomNameA
CreateSemaphoreA
BeginUpdateResourceW
WriteConsoleW
GetConsoleMode
GetStdHandle
GetStartupInfoA
GetSystemDirectoryA
WriteConsoleOutputCharacterW
VirtualFreeEx
SetFileAttributesW
GetStringTypeExA
LeaveCriticalSection
GetLongPathNameW
GetVolumeInformationA
VirtualQueryEx
FatalExit
SetThreadContext
ContinueDebugEvent
GetSystemDefaultUILanguage
GetConsoleTitleW
GetConsoleTitleA
GetSystemWindowsDirectoryW
InterlockedCompareExchange

advapi32

LookupAccountSidA
RegOverridePredefKey
DeleteService
StartServiceCtrlDispatcherA
AccessCheckAndAuditAlarmA
DestroyPrivateObjectSecurity
ObjectCloseAuditAlarmA
CloseEncryptedFileRaw
RegisterEventSourceA
StartServiceW
GetSidSubAuthorityCount
RegFlushKey
ClearEventLogW
EnumDependentServicesA
SetKernelObjectSecurity
GetNumberOfEventLogRecords

Exports

Exports

WA1MPAcc2dessCompregsssion
WAMPAndroidDocument
WAMPDirectoryApp
WAMPDirectorySnow
WAMPFrozenParameter
WAMPGrep
WAMPMxemoryAl5gorithm
WAMPRippingMount

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ydata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d66ca258457f7f05f8f9930d90e20013

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 5KB

.edata Size: 60KB - Virtual size: 60KB

.tls Size: 8KB - Virtual size: 7KB

.ydata Size: 8KB - Virtual size: 7KB

.rsrc Size: 72KB - Virtual size: 76KB

.reloc Size: 512B - Virtual size: 16KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 5KB

.edata
Size: 60KB - Virtual size: 60KB

.tls
Size: 8KB - Virtual size: 7KB

.ydata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 72KB - Virtual size: 76KB

.reloc
Size: 512B - Virtual size: 16KB