VirusShare_15ccc8b6c5d3da5aa04ac0070ce02341

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_15ccc8b6c5d3da5aa04ac0070ce02341
Size

351KB
MD5

15ccc8b6c5d3da5aa04ac0070ce02341
SHA1

622e79327ccb7e185a98b3d42b999dbdb0e78809
SHA256

893591a131400eeeb7fcd8f27cf32dfcc218778586e8376dcdd51d539f6ea246
SHA512

20814ac6c67e2f970a2fd3d6b48f9950226847819d7b18408fe5ddbc7b99254d87f8d4ec0fbcb550cbd6ef2a2bac40382bc639961ca8be9b84ccd875723552ea
SSDEEP

6144:KaRueM6Ryfe3vIHbG6TK2h0j+UCsTt99/lYPGEX:JRo6kgCG4K60j+UCmPYPGEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_15ccc8b6c5d3da5aa04ac0070ce02341

Files

VirusShare_15ccc8b6c5d3da5aa04ac0070ce02341
.exe windows:4 windows x86 arch:x86

b9af3413a2e50bfadd743794e046bd5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakeSystemFolderW
PathUnquoteSpacesW
SHRegGetBoolUSValueA
StrToIntExA
SHGetValueA
PathQuoteSpacesW
SHRegGetUSValueA
PathFindExtensionW
SHRegOpenUSKeyW
PathIsUNCServerW
PathAddBackslashW
StrCSpnW
PathCanonicalizeW
PathSearchAndQualifyW
PathSetDlgItemPathW
PathCompactPathExW
SHDeleteKeyA
PathRemoveBlanksA
StrFormatByteSizeW
SHEnumKeyExW
SHRegWriteUSValueA
PathGetArgsA
PathIsContentTypeW
PathIsPrefixW
PathSkipRootA
PathStripPathW
PathRelativePathToA
PathIsFileSpecA
PathAddExtensionW
PathCanonicalizeA
SHDeleteValueW
PathIsUNCServerShareW
StrTrimW
PathCommonPrefixW
PathFindOnPathA
SHRegEnumUSKeyW
PathIsURLA
SHDeleteEmptyKeyA
PathRemoveFileSpecW
SHRegGetUSValueW
StrCpyW
PathRemoveFileSpecA
PathStripPathA
PathIsSystemFolderW
PathIsPrefixA
SHRegEnumUSKeyA
StrCSpnA
SHRegGetBoolUSValueW
SHRegCreateUSKeyW
PathSkipRootW
PathIsRootW
PathMatchSpecW
StrCmpW
PathIsRootA
PathIsFileSpecW
PathQuoteSpacesA
SHOpenRegStreamA
ChrCmpIW
PathGetArgsW
SHGetValueW
PathFindOnPathW
PathCompactPathW
SHCreateShellPalette
StrFormatByteSizeA
PathBuildRootW
StrNCatW
PathStripToRootW
PathFindFileNameA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

user32

AttachThreadInput
TranslateMDISysAccel
IsIconic
UnpackDDElParam
GetKeyboardLayoutNameA
GetMessagePos
VkKeyScanA
SetSystemCursor
CreateWindowExA
DdeDisconnectList
DefFrameProcA
DispatchMessageA
DdeEnableCallback
GrayStringA
SetWindowsHookA
GetSysColorBrush
FreeDDElParam
SetDlgItemTextW
SetCapture
SetProcessWindowStation
SetDlgItemTextA
GetPropW
GetDesktopWindow
EnumDisplaySettingsA
AppendMenuA
TranslateAcceleratorW
SetPropA
ChangeDisplaySettingsExW
EnableWindow
UnregisterClassA
OpenIcon
CheckMenuRadioItem
GetWindowRect
HideCaret
UnregisterClassW
GetWindowLongA
DrawTextExW
IsMenu
DestroyCursor
GetKeyboardType
GetClipboardData
SetKeyboardState
CreateDialogIndirectParamA
ShowScrollBar
GetIconInfo
DefWindowProcW
LoadCursorFromFileA
EnumDesktopWindows
DdeGetLastError
LoadCursorW
ScreenToClient
GetLastActivePopup
SetDoubleClickTime
GetPriorityClipboardFormat
SetMenuDefaultItem
DlgDirSelectComboBoxExW
FrameRect
IsWindowUnicode
RemoveMenu
CallMsgFilterA
ChildWindowFromPointEx
CheckRadioButton
DispatchMessageW
GetCursor
GetMenuItemInfoW
GetDlgItemTextA
IsRectEmpty
TranslateAcceleratorA
GetForegroundWindow
LoadAcceleratorsA
InsertMenuItemW
EnableScrollBar
SetForegroundWindow
GetMenuContextHelpId
LoadCursorA
GetSystemMetrics
CreateDialogParamA
SetWindowsHookExA
ShowOwnedPopups
ChangeMenuA
UpdateWindow
WINNLSEnableIME
GetCursorPos
MapVirtualKeyExA
ToAscii
GetWindowModuleFileNameW
GetWindowLongW
GetUpdateRect
DdeQueryStringA
DdeInitializeA

kernel32

GetStartupInfoA
ExitProcess
EnumResourceNamesW
FlushFileBuffers
GlobalWire
GetStringTypeExA
GetDateFormatW
GlobalMemoryStatus
AllocConsole
GetModuleHandleA
Toolhelp32ReadProcessMemory
GetStartupInfoA
ExitProcess
EnumResourceNamesW
FlushFileBuffers
GlobalWire
GetStringTypeExA
GetDateFormatW
GlobalMemoryStatus
AllocConsole
GetModuleHandleA
Toolhelp32ReadProcessMemory

comdlg32

FindTextA

advapi32

RegDeleteValueA

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9af3413a2e50bfadd743794e046bd5d

Headers

File Characteristics

Imports

shlwapi

msvcrt

user32

kernel32

comdlg32

advapi32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 3.1MB

.rsrc Size: 32KB - Virtual size: 29KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 3.1MB

.rsrc
Size: 32KB - Virtual size: 29KB

.reloc
Size: 12KB - Virtual size: 10KB