VirusShare_35bf2596ffa2b01587f0db2a08f08af0

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_35bf2596ffa2b01587f0db2a08f08af0
Size

189KB
MD5

35bf2596ffa2b01587f0db2a08f08af0
SHA1

2ccb79f93a215fdc9b0d2ec05373ad95e49065b4
SHA256

55ca7428500b9338028e74761d36772ddb6545d5ac46000b9926d6301ab3f4f3
SHA512

4f028b809eba4ed93a33937afb08fb03650856fe1423d3d3e028d6015c546af99bc1b0803569bda0f57bb634a97aab7acbe2de3a3a9d8a2294bc3f5a3c67bf70
SSDEEP

3072:PSHR/Aiib6KFFuwFS/DhHOEw54EiFZkNnRCsAXOoDtEnmkCdk2:PSHiJFFNAVoNNftEw2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_35bf2596ffa2b01587f0db2a08f08af0

Files

VirusShare_35bf2596ffa2b01587f0db2a08f08af0
.dll windows:4 windows x86 arch:x86

2dbeb5b3ffa7b4297d718702ff5b25ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
ReadConsoleOutputCharacterW
MapViewOfFile
lstrcpynA
GetTempPathA
GetConsoleDisplayMode
SetFilePointer
GetNumberOfConsoleMouseButtons
GetProcessTimes
lstrcmpiA
InitAtomTable
CreateTimerQueueTimer
OpenThread
RegisterWaitForSingleObject
FlushInstructionCache
WinExec
AreFileApisANSI
DebugActiveProcess
GetFileAttributesA
EnumSystemLanguageGroupsA
CreateTimerQueue
GetCurrentProcess
lstrcpynW
GetLastError
GetNumberFormatA

winmm

waveInGetDevCapsW
mciGetDeviceIDFromElementIDW
midiInStart
waveOutReset
joyGetThreshold
mixerGetDevCapsA
waveOutPause
mixerGetControlDetailsA
waveOutSetVolume
mmioDescend
mixerGetDevCapsW
waveOutGetPosition
mmioAscend
waveInOpen
mciGetCreatorTask
midiInAddBuffer
midiOutGetDevCapsW
joyGetPos
midiOutUnprepareHeader
mciGetDeviceIDFromElementIDA
midiInUnprepareHeader
waveOutClose
sndPlaySoundA
waveInGetPosition
timeGetSystemTime
auxSetVolume
midiStreamOut
midiOutCacheDrumPatches
joyReleaseCapture
waveOutWrite
waveInStop
midiOutGetErrorTextW
mixerGetLineControlsW
midiStreamRestart
waveOutMessage
DrvGetModuleHandle

setupapi

SetupOpenAppendInfFileW
SetupDiGetINFClassA
SetupDiGetDriverInfoDetailA
SetupDiClassNameFromGuidA
SetupDiSetSelectedDriverA
SetupDiGetDeviceInfoListClass
SetupQueueDeleteW
SetupLogFileA
SetupDiGetDeviceInterfaceDetailA
SetupScanFileQueueA
SetupTermDefaultQueueCallback
SetupQueryInfOriginalFileInformationW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupDiSelectBestCompatDrv
SetupDeleteErrorW
SetupDiDestroyClassImageList
SetupQueueCopyIndirectA
SetupAddSectionToDiskSpaceListA
SetupQueueCopySectionA
SetupInstallServicesFromInfSectionExW
SetupAdjustDiskSpaceListA
SetupCopyOEMInfW
SetupOpenAppendInfFileA
SetupAddToSourceListW
SetupDefaultQueueCallbackA
SetupDiGetWizardPage
SetupGetSourceInfoW
SetupCopyErrorA
SetupDiInstallClassExW

Exports

Exports

CLSIDFromChannel
IntlSheetHKey

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 143B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 46B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dbeb5b3ffa7b4297d718702ff5b25ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

setupapi

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.data Size: 47KB - Virtual size: 50KB

.ndata Size: 1024B - Virtual size: 157B

.tls Size: 1024B - Virtual size: 143B

.reloc Size: 1024B - Virtual size: 46B

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 148KB

.text
Size: 132KB - Virtual size: 131KB

.data
Size: 47KB - Virtual size: 50KB

.ndata
Size: 1024B - Virtual size: 157B

.tls
Size: 1024B - Virtual size: 143B

.reloc
Size: 1024B - Virtual size: 46B

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 148KB