VirusShare_4433fb31cbe9161273fc540b926e7b77

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_4433fb31cbe9161273fc540b926e7b77
Size

172KB
MD5

4433fb31cbe9161273fc540b926e7b77
SHA1

d9ce69c844d8607115bc99544908d7de42944e58
SHA256

70d4c56421f36efc12ed0e318530c68a2725a4dfab95bff0794b1f448419d972
SHA512

d8b563e8c8c221da9b4dd5a0d8e515e92291817dd2a53eaae70515255863971ddddd433f9f8c4f47ffcb765b8a8c8f32c2723b515075e23606488066ef1f2a3b
SSDEEP

3072:gpyuDi860Km+Pi9vl8v63KvwPbQYyabNskVjzsa6vZOgrlcFaEats5kOEP:pQi866Z9rtfR3jzshZOFUnczEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_4433fb31cbe9161273fc540b926e7b77

Files

VirusShare_4433fb31cbe9161273fc540b926e7b77
.dll windows:4 windows x86 arch:x86

9764e78108f02060592b7785d76175b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
lstrcpyA
GetComputerNameA
TransactNamedPipe
lstrcatW
lstrcatA
GetProfileSectionW
GetTapeParameters
EnumCalendarInfoExA
GetCurrentThreadId
EnumResourceTypesW
SetConsoleWindowInfo
ResumeThread
SetTapePosition
GetConsoleCursorInfo
GetEnvironmentStrings
HeapSetInformation
EnumResourceLanguagesA
GetVersionExW
ReplaceFileA
SearchPathW
GetVolumeNameForVolumeMountPointA
HeapCreate
GetStringTypeW
TransactNamedPipe
SetEnvironmentVariableW
GetCurrentConsoleFont
EnumUILanguagesA

user32

WindowFromDC
MonitorFromPoint
FindWindowExA
EnumDisplayDevicesW
ChangeClipboardChain
UnregisterClassW
DrawIcon
CharToOemBuffW
KillTimer

clusapi

GetClusterFromNode
ClusterResourceEnum
ClusterEnum
ResumeClusterNode
ClusterNodeControl
OnlineClusterResource
CloseClusterNetwork
SetClusterName
RemoveClusterResourceDependency
CloseClusterResource
ChangeClusterResourceGroup
RestoreClusterDatabase
GetClusterFromGroup
ClusterRegOpenKey
GetClusterKey
ClusterResourceControl
GetClusterFromNetwork
CloseClusterNode
GetClusterResourceTypeKey
CloseCluster
ClusterControl
SetClusterGroupNodeList
GetClusterNetworkState
ClusterRegEnumKey
GetClusterQuorumResource
ClusterNodeCloseEnum
ClusterRegGetKeySecurity
ClusterResourceTypeOpenEnum
GetClusterNotify
RemoveClusterResourceNode
ClusterRegCreateKey

Exports

Exports

AbortRunningLibrary
DebugBackup
ExitHard
ExtractBuildOwner
FlattenCreate
GdiInputOptionFreeEngine
MsgTapemarkConnect
PolyFocusOwnerILockEx
ReadProgBytes
ScrollActiveIStorage
ValidateBuildCertificate

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yf
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdVdP5
Size: 4KB - Virtual size: 18B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9764e78108f02060592b7785d76175b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

clusapi

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 4KB - Virtual size: 70KB

.yf Size: 120KB - Virtual size: 119KB

.fdVdP5 Size: 4KB - Virtual size: 18B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 4KB - Virtual size: 70KB

.yf
Size: 120KB - Virtual size: 119KB

.fdVdP5
Size: 4KB - Virtual size: 18B

.reloc
Size: 4KB - Virtual size: 1KB