VirusShare_7049d1159e82b20436a3849781c37c2b

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_7049d1159e82b20436a3849781c37c2b
Size

293KB
MD5

7049d1159e82b20436a3849781c37c2b
SHA1

edf77963a30b94439174e36be77dba69bfa77109
SHA256

e8c0b3052eff592771c650eee736f6921837e300146853b5a1368be3085301c1
SHA512

0a543cfa3bda9a8ac6ca36b8b86d0c4515d39225a585d22e3f5a73a39365f298345d9b4b971b46d0fee26c436ab3c2b04cfd82c706661b0e63de078364ba96fc
SSDEEP

6144:yqlE7j0QpH5bwc8nezDKffDbw66QrBsBWWFya2sIhuUQF:yqlE7j75MVeUfDbh6GBsM8urhLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_7049d1159e82b20436a3849781c37c2b

Files

VirusShare_7049d1159e82b20436a3849781c37c2b
.exe windows:4 windows x86 arch:x86

570755b5c93945f04a023ab930dff781

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceStatus
LsaLookupNames
GetSidSubAuthority
EnumServicesStatusA
RegLoadKeyW
AreAnyAccessesGranted
RegOpenKeyExA
IsValidAcl
RegDeleteKeyW
RegQueryInfoKeyW
DeleteService
GetSidLengthRequired
AbortSystemShutdownW
RegEnumKeyA
ReadEventLogA
CreateProcessAsUserA
GetTrusteeFormA
RegOpenKeyA
GetSecurityDescriptorOwner
LsaEnumerateAccountRights
RegSetValueExA
LogonUserW
GetKernelObjectSecurity
RegUnLoadKeyW
RegCreateKeyW
AddAuditAccessAce
GetServiceDisplayNameW
RegQueryValueW
LookupAccountNameW
CreateServiceA
EqualPrefixSid
MakeSelfRelativeSD
RegQueryValueA
RegRestoreKeyW
BackupEventLogA
BuildTrusteeWithNameW
GetFileSecurityW
ObjectOpenAuditAlarmW
StartServiceCtrlDispatcherW
RegDeleteValueW
OpenServiceA
RevertToSelf
LsaSetInformationPolicy
AccessCheck
RegCreateKeyExW
RegCreateKeyA
ObjectCloseAuditAlarmA
SetEntriesInAclA
LsaCreateTrustedDomainEx
RegConnectRegistryW
QueryServiceObjectSecurity
BuildImpersonateTrusteeA
LsaClose
MakeAbsoluteSD
RegConnectRegistryA
GetLengthSid
IsTokenRestricted
BuildExplicitAccessWithNameW
RegisterEventSourceW
ObjectDeleteAuditAlarmW
LsaEnumerateTrustedDomains
LsaSetTrustedDomainInfoByName
SetServiceStatus
EqualSid
OpenEventLogA
GetSecurityDescriptorGroup
NotifyChangeEventLog
OpenProcessToken
RegOpenKeyExW
RegEnumValueA
RegEnumValueW
RegisterServiceCtrlHandlerA
ImpersonateSelf
RegSaveKeyA
RegOpenKeyW
RegCreateKeyExA
RegSetKeySecurity
SetSecurityDescriptorGroup
OpenBackupEventLogW
RegQueryMultipleValuesA
RegNotifyChangeKeyValue
GetSidIdentifierAuthority
LsaOpenPolicy
AddAce
GetAuditedPermissionsFromAclW
GetAclInformation
LsaQueryTrustedDomainInfo
ReportEventW
GetOldestEventLogRecord
AllocateAndInitializeSid
SetSecurityDescriptorOwner
GetUserNameW
AdjustTokenPrivileges
RegGetKeySecurity
OpenSCManagerW
LookupAccountNameA
LookupSecurityDescriptorPartsW
LsaQueryInformationPolicy
LsaDeleteTrustedDomain
RegSetValueA
UnlockServiceDatabase
StartServiceCtrlDispatcherA
LsaRetrievePrivateData
AccessCheckAndAuditAlarmA
LsaAddAccountRights
PrivilegedServiceAuditAlarmW
LsaQueryTrustedDomainInfoByName
GetSecurityDescriptorLength
GetNumberOfEventLogRecords
SetServiceObjectSecurity
InitiateSystemShutdownW
QueryServiceLockStatusW

kernel32

DeleteFileA
GetPrivateProfileStructW
CommConfigDialogA
FillConsoleOutputAttribute
GetModuleHandleA
GetStartupInfoA

user32

PaintDesktop
DdeUnaccessData
FillRect
GetMenuContextHelpId
CreateIconIndirect
CallNextHookEx
ShowScrollBar
DrawIcon
PeekMessageW
GetMessageTime
ExcludeUpdateRgn
DdeUninitialize
MoveWindow
KillTimer
GetSystemMetrics
DdeConnect
CreateMDIWindowW
CreateDesktopA
IsWindowVisible
AppendMenuA
CharLowerW
DispatchMessageA
DdeQueryStringA
ChildWindowFromPointEx
LookupIconIdFromDirectoryEx
DdeKeepStringHandle
GetKBCodePage
DlgDirSelectExW
EnableMenuItem
SendDlgItemMessageW
EnableScrollBar
CheckMenuItem
LoadStringA
SetWindowTextA
MapVirtualKeyExA
DdeAccessData
GetMessagePos
DdePostAdvise
GetMessageA
CreateWindowExA
DestroyMenu
DdeGetLastError
PostThreadMessageA
GetWindowModuleFileNameA
GetWindowTextLengthW
SetMenuDefaultItem
IsMenu
GetWindowModuleFileNameW
EndDeferWindowPos
CloseWindow
GetMenuState
DestroyCursor
GetWindow
GetForegroundWindow
MessageBeep
GetDCEx
OemToCharBuffW
DrawAnimatedRects
CallWindowProcA
EnumPropsExA
LoadBitmapA
DefFrameProcA
ShowCaret
CallMsgFilterA
OpenDesktopW
InsertMenuW
DestroyIcon
SendDlgItemMessageA
CreateCursor
DeleteMenu
DestroyAcceleratorTable
SendMessageCallbackA
GetMessageW
GetClassNameW
NotifyWinEvent
OffsetRect
GetClipboardData
GetUpdateRect
UnregisterClassA
SetDoubleClickTime

mpr

WNetGetConnectionW
WNetGetLastErrorA
WNetAddConnection2A
WNetAddConnectionA
WNetCancelConnection2A
WNetAddConnection3A
WNetConnectionDialog

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__p__commode
_acmdln
exit
_XcptFilter
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs

winmm

waveInGetErrorTextA
auxGetVolume
waveInGetDevCapsA
mmioSeek
joyGetDevCapsW
mixerGetDevCapsA
midiStreamOut
mixerGetLineControlsW
mmioWrite
waveOutGetErrorTextW
mmioOpenW
midiInReset
mmioRenameW
midiStreamPause
midiInGetErrorTextW
mixerGetLineInfoW
midiInUnprepareHeader
mmioSendMessage
waveOutGetPlaybackRate
joyGetPos
joyGetDevCapsA
waveOutGetNumDevs
midiInGetErrorTextA
mixerGetNumDevs
midiOutGetDevCapsW
GetDriverModuleHandle
midiOutClose
midiOutShortMsg
timeBeginPeriod
mciGetDeviceIDA
mmioCreateChunk
waveInMessage
mmioStringToFOURCCA
mmioStringToFOURCCW
waveOutBreakLoop
waveInClose
mmioInstallIOProcW
waveOutGetID
midiStreamStop
midiOutMessage
DefDriverProc
auxOutMessage
waveOutReset
mciGetDeviceIDW
midiDisconnect
waveOutPause
midiInStart
midiOutGetErrorTextW
mciSendStringA
midiOutSetVolume
mciGetErrorStringA
timeGetTime
PlaySoundA
midiInGetDevCapsA
mmioSetInfo
sndPlaySoundA
mmioFlush
mmioRead
joyGetPosEx
midiConnect
mmioGetInfo

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

570755b5c93945f04a023ab930dff781

Headers

File Characteristics

Imports

advapi32

kernel32

user32

mpr

msvcrt

winmm

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1.3MB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1.3MB

.rsrc
Size: 4KB - Virtual size: 2KB