VirusShare_410c346eaa782ef84f1cbde42f9bef72

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_410c346eaa782ef84f1cbde42f9bef72
Size

93KB
MD5

410c346eaa782ef84f1cbde42f9bef72
SHA1

c6b37d5f49407538f9f3f19cc7cf3396db9752ae
SHA256

50c4d719a0f349e9bb228a7ec41dd2a0dbb97787d725463db5e7ad7710a06cef
SHA512

70c38d3cc3d77449db6da10165a49a028272a9c7572bd238bbc84afba50e756888fa97703982a99422c0c77271eed281d7dc7b972cd3f88488af8222db0d5506
SSDEEP

1536:g5hlPnwfUfIoCJNcm1GXE2PZfHfEd3MZPTdaJC0RY00PxCTKRJIT:g5LkUfIoCjcm1IEaZfa6PTdD+j0PxlR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_410c346eaa782ef84f1cbde42f9bef72

Files

VirusShare_410c346eaa782ef84f1cbde42f9bef72
.dll windows:4 windows x86 arch:x86

54dc5d7a00cfe32865fcc6a42b57e85a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

.crt0

Imports

ntdll

strcat
ispunct
strspn
qsort

kernel32

InterlockedExchange
FreeLibrary
GetProcAddress
GlobalFindAtomA
SetTapePosition
ClearCommBreak
GetCPInfo
PrepareTape
SetErrorMode
LoadLibraryExA
SetCommBreak
LocalLock
SetInformationJobObject
CopyFileExW
IsValidCodePage
HeapAlloc
ClearCommError
GetConsoleDisplayMode
EnumResourceNamesW
WriteConsoleW
BeginUpdateResourceA
GlobalUnWire
GetCurrentProcessId
OpenWaitableTimerA
CreateSemaphoreA
EnumLanguageGroupLocalesA
GetConsoleFontSize
WaitNamedPipeA
GetNamedPipeInfo
OpenJobObjectA
CompareStringW
BeginUpdateResourceW
GetNativeSystemInfo
GetConsoleProcessList
VerLanguageNameA
GetFirmwareEnvironmentVariableW
ReadConsoleA
GetSystemWow64DirectoryW
EnumCalendarInfoW
GetConsoleCP
IsBadStringPtrW
GetOverlappedResult
GetCalendarInfoA
FindResourceExA
TransactNamedPipe
UnlockFile
GetDiskFreeSpaceA
FindActCtxSectionStringW
SetCalendarInfoW
GetProcessId
LoadLibraryA
FileTimeToSystemTime
VirtualAllocEx
EnumLanguageGroupLocalesW
GetBinaryTypeA
WriteConsoleInputA
GetAtomNameA
MapViewOfFile
IsBadReadPtr
WriteConsoleOutputCharacterW
SetConsoleCtrlHandler
SetThreadAffinityMask
FindFirstFileA
FindNextChangeNotification
TzSpecificLocalTimeToSystemTime
GlobalFindAtomA
SetSystemPowerState
ReadConsoleW
CallNamedPipeW
SetFileValidData
FormatMessageW
WriteProcessMemory
SetFirmwareEnvironmentVariableW
HeapValidate
RaiseException
Module32Next
lstrlenW
FindFirstFileW
IsBadCodePtr
FindResourceA
VirtualUnlock
GetProcessHeap
BackupSeek
QueueUserWorkItem
EnumResourceLanguagesA
GetDateFormatA
GetDiskFreeSpaceExA
LocalShrink
GetNamedPipeHandleStateA
GetConsoleSelectionInfo
GetCurrentThreadId
CreateActCtxA
GetWriteWatch
ConvertDefaultLocale
AllocateUserPhysicalPages
OpenWaitableTimerW
WideCharToMultiByte
GetLastError
GetTimeFormatA
LocalAlloc
FindNextVolumeA
SetFileAttributesW

msvcrt

realloc
fwrite
wcscoll
is_wctype
fgetc
strtok
rewind
iswupper
feof
iswcntrl
vwprintf
freopen
clearerr
fprintf
swscanf
fread
vprintf
remove

user32

DrawEdge
IsWindowEnabled
SetCursor
OpenInputDesktop

oleaut32

VarR4CmpR8
BSTR_UserFree

mprapi

MprAdminMIBEntryGet
MprInfoBlockAdd
MprAdminMIBEntrySet

clusapi

ClusterNetworkCloseEnum

pdh

PdhSetCounterScaleFactor
PdhReadRawLogRecord
PdhAddCounterA

urlmon

FindMimeFromData
CoInternetParseUrl
RevokeFormatEnumerator
CoInternetCompareUrl
WriteHitLogging

Exports

Exports

PFXImportLocal
UninstallAppend

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

y?7ltz
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

|,p>
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54dc5d7a00cfe32865fcc6a42b57e85a

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

msvcrt

user32

oleaut32

mprapi

clusapi

pdh

urlmon

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 4KB

CODE Size: 7KB - Virtual size: 6KB

y?7ltz Size: 6KB - Virtual size: 6KB

.qdata Size: 2KB - Virtual size: 1KB

Size: 4KB - Virtual size: 3KB

.erloc Size: 16KB - Virtual size: 15KB

|,p> Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 33KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 4KB

CODE
Size: 7KB - Virtual size: 6KB

y?7ltz
Size: 6KB - Virtual size: 6KB

.qdata
Size: 2KB - Virtual size: 1KB

.erloc
Size: 16KB - Virtual size: 15KB

|,p>
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 33KB