VirusShare_1c3ae9d637d56d931a5f88e041ca1d55

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_1c3ae9d637d56d931a5f88e041ca1d55
Size

357KB
MD5

1c3ae9d637d56d931a5f88e041ca1d55
SHA1

da9f57c68775a459e3dbf11d6877f8608963dee8
SHA256

97078c99b8d67363c90014b1ab32cca29737222ea0d7a5f0bb45cc6f714d7c13
SHA512

0c2d7d12e50676cb0c88e0dff776b1488369eb20c105e886dd2968b5b4e7912e8acf501874a7620e68d69f08c8f196a035205b1180ebec4d5158fb4bf68e0b27
SSDEEP

3072:Hj0Ib959B3NY+7owPpliv7qOQZyPtwJfwQK1sFsu1wnR8XCnRU:V5zHoiKjzQZyP6J4xmouoq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1c3ae9d637d56d931a5f88e041ca1d55

Files

VirusShare_1c3ae9d637d56d931a5f88e041ca1d55
.exe windows:5 windows x86 arch:x86

84b7f3b5978cc6a4e9c0c8ed994ab41e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
FormatMessageW
GetAtomNameW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFileTime
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedDecrement
FindResourceW
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
SetCurrentDirectoryW
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WriteFile
lstrcatW
lstrcpynW
lstrlenW
VirtualAllocEx
GetACP
GetProcAddress
GetCurrentThread
CreateFileA
FindNextFileW
FindFirstFileW
FindClose
FindAtomW
EnterCriticalSection
DeleteFileW
DeleteAtom
CreateSemaphoreW
CreateFileW
CreateDirectoryW
CompareStringW
CloseHandle
InterlockedExchange
AddAtomW

user32

LoadCursorA
SetForegroundWindow
SetFocus
LoadIconW
LoadStringW
FindWindowW
ExitWindowsEx
LoadIconA
MessageBoxW

advapi32

RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegDeleteValueW
RegFlushKey
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
OpenProcessToken

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

msvcrt

_XcptFilter
__getmainargs
__lconv_init
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_mbschr
_mbsinc
_mbslen
_mbsrchr
_stricmp
_strnicmp
_wcsicmp
atoi
exit
free
isdigit
isleadbyte
isspace
memmove
rand
setlocale
srand
strchr
strncmp
strncpy
strrchr
strtoul
time
towlower
wcsncpy

Sections

192
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data16
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

191
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

19
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

18
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

17
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

16
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

15
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84b7f3b5978cc6a4e9c0c8ed994ab41e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

Sections

192 Size: 3KB - Virtual size: 3KB

.text Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 1KB

.data16 Size: 69KB - Virtual size: 69KB

.data5 Size: 69KB - Virtual size: 69KB

.data11 Size: 1024B - Virtual size: 1024B

.data10 Size: 1024B - Virtual size: 1024B

.data9 Size: 1024B - Virtual size: 1000B

.data8 Size: 1024B - Virtual size: 1000B

.data7 Size: 1024B - Virtual size: 1000B

.data6 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

191 Size: 3KB - Virtual size: 3KB

19 Size: 130KB - Virtual size: 130KB

18 Size: 8KB - Virtual size: 7KB

17 Size: 8KB - Virtual size: 7KB

16 Size: 8KB - Virtual size: 7KB

15 Size: 8KB - Virtual size: 7KB

192
Size: 3KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 1KB

.data16
Size: 69KB - Virtual size: 69KB

.data5
Size: 69KB - Virtual size: 69KB

.data11
Size: 1024B - Virtual size: 1024B

.data10
Size: 1024B - Virtual size: 1024B

.data9
Size: 1024B - Virtual size: 1000B

.data8
Size: 1024B - Virtual size: 1000B

.data7
Size: 1024B - Virtual size: 1000B

.data6
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

191
Size: 3KB - Virtual size: 3KB

19
Size: 130KB - Virtual size: 130KB

18
Size: 8KB - Virtual size: 7KB

17
Size: 8KB - Virtual size: 7KB

16
Size: 8KB - Virtual size: 7KB

15
Size: 8KB - Virtual size: 7KB