VirusShare_6e5a1c31ae968ee65b5900326aedd7d4

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_6e5a1c31ae968ee65b5900326aedd7d4
Size

176KB
MD5

6e5a1c31ae968ee65b5900326aedd7d4
SHA1

71e2803ab8c35c0030fad7ef1eceae3cfb51c8ec
SHA256

2c733cf089d0b20bd00f881403135330cb3efac36f2ff59b3fa8e12e43378a88
SHA512

e35538fafbb9305aa39a95a07c873124e6f2b4e932bd586390c9d43c58c592aa5a92d61d9ad6a2abb41d20b43bfdee02fc4c7d1e98cece77cf79894de958ff22
SSDEEP

3072:hrH3nDKWsVWF8jhylYoGF8AWMue09TUBXoogDV3jKsWg:Z3DvnF8VygZbEm7uyg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_6e5a1c31ae968ee65b5900326aedd7d4

Files

VirusShare_6e5a1c31ae968ee65b5900326aedd7d4
.dll windows:4 windows x86 arch:x86

33bd5fe337d4eaa75ee6020462f3450a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
lstrcpyA
GetComputerNameA
ResumeThread
lstrcatW
lstrcatA
GetProfileSectionW
GetTapeParameters
EnumCalendarInfoExA
GetCurrentThreadId
EnumResourceTypesW
SetConsoleWindowInfo
ResumeThread
SetTapePosition
GetConsoleCursorInfo
GetEnvironmentStrings
HeapSetInformation
EnumResourceLanguagesA
GetVersionExW
ReplaceFileA
SearchPathW
GetVolumeNameForVolumeMountPointA
HeapCreate
GetStringTypeW
TransactNamedPipe
SetEnvironmentVariableW
GetCurrentConsoleFont
EnumUILanguagesA

user32

WindowFromDC
MonitorFromPoint
FindWindowExA
EnumDisplayDevicesW
ChangeClipboardChain
UnregisterClassW
DrawIcon
CharToOemBuffW
KillTimer

clusapi

GetClusterFromNode
ClusterResourceEnum
ClusterEnum
ResumeClusterNode
ClusterNodeControl
OnlineClusterResource
CloseClusterNetwork
SetClusterName
RemoveClusterResourceDependency
CloseClusterResource
ChangeClusterResourceGroup
RestoreClusterDatabase
GetClusterFromGroup
ClusterRegOpenKey
GetClusterKey
ClusterResourceControl
GetClusterFromNetwork
CloseClusterNode
GetClusterResourceTypeKey
CloseCluster
ClusterControl
SetClusterGroupNodeList
GetClusterNetworkState
ClusterRegEnumKey
GetClusterQuorumResource
ClusterNodeCloseEnum
ClusterRegGetKeySecurity
ClusterResourceTypeOpenEnum
GetClusterNotify
RemoveClusterResourceNode
ClusterRegCreateKey

Exports

Exports

AbortRunningLibrary
DebugBackup
ExitHard
ExtractBuildOwner
FlattenCreate
GdiInputOptionFreeEngine
MsgTapemarkConnect
PolyFocusOwnerILockEx
ReadProgBytes
ScrollActiveIStorage
ValidateBuildCertificate

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yf
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdVdP5
Size: 4KB - Virtual size: 18B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33bd5fe337d4eaa75ee6020462f3450a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

clusapi

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 70KB

.yf Size: 124KB - Virtual size: 120KB

.fdVdP5 Size: 4KB - Virtual size: 18B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 70KB

.yf
Size: 124KB - Virtual size: 120KB

.fdVdP5
Size: 4KB - Virtual size: 18B

.reloc
Size: 4KB - Virtual size: 1KB