VirusShare_bb7947db93d3a34e451eca532f5b1c1d

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_bb7947db93d3a34e451eca532f5b1c1d
Size

327KB
MD5

bb7947db93d3a34e451eca532f5b1c1d
SHA1

8aeb223168fd677100b961a11417c4a87da43aed
SHA256

3c497823470c61abef4c240b7006a09896cb954b487459842a8cfaa93053810f
SHA512

40fb9d5b7efab27cd5d86cde57071c1cafc03ec19a0f753e8be5aaf4d069705fb6e01175d5eae94ead3f5e8d0d4b08177abb833756e2d04c3197f47b24f79754
SSDEEP

6144:028Uii4xHltKjPLd1RU+v0ulfT5yD1NNs96YZJA38ONVcz:0289pxHWPLd1oulr5G7OAMONVe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_bb7947db93d3a34e451eca532f5b1c1d

Files

VirusShare_bb7947db93d3a34e451eca532f5b1c1d
.exe windows:4 windows x86 arch:x86

6497bb59045c84b03a102f074e051725

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeleteService
SetSecurityInfo
RegQueryMultipleValuesA
RegDeleteValueA
SetThreadToken
BuildTrusteeWithNameA
CreateProcessAsUserA
ControlService
AddAce
UnlockServiceDatabase
RegCreateKeyW
RevertToSelf
InitiateSystemShutdownW
RegSaveKeyA
LsaQueryTrustedDomainInfoByName
RegConnectRegistryW
SetPrivateObjectSecurity
GetSecurityDescriptorControl
OpenProcessToken
AbortSystemShutdownW
MakeSelfRelativeSD
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegReplaceKeyW
LsaEnumerateTrustedDomains
SetEntriesInAclA
GetAclInformation
GetFileSecurityW
RegDeleteKeyW
OpenServiceW
EnumServicesStatusA
RegOpenKeyA
LsaQueryTrustedDomainInfo
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherA
LsaClose
GetSecurityDescriptorDacl
RegRestoreKeyW
RegSetKeySecurity
RegCreateKeyExW
InitializeSecurityDescriptor
CreatePrivateObjectSecurity
CreateServiceA
SetNamedSecurityInfoW
DuplicateTokenEx
LsaDeleteTrustedDomain
DecryptFileW
ReportEventA
QueryServiceConfig2A
RegOpenKeyExA
GetOldestEventLogRecord
ObjectCloseAuditAlarmA
RegQueryMultipleValuesW
LsaEnumerateAccountRights
GetLengthSid
ReadEventLogA
BuildExplicitAccessWithNameW
RegDeleteValueW
CopySid
SetServiceObjectSecurity
SetServiceStatus
QueryServiceObjectSecurity
AddAccessAllowedAce
RegCloseKey
GetSidLengthRequired
CloseEventLog
LockServiceDatabase
LookupAccountNameW
LookupPrivilegeDisplayNameW
LookupSecurityDescriptorPartsW
RegSetValueExW
MakeAbsoluteSD
LsaSetInformationPolicy
RegGetKeySecurity
LsaQueryInformationPolicy
BuildTrusteeWithNameW
CreateRestrictedToken
RegOpenKeyW
SetFileSecurityW
OpenServiceA
RegQueryValueExW
LsaCreateTrustedDomainEx
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
GetKernelObjectSecurity
RegOverridePredefKey
IsTokenRestricted
GetTrusteeFormA

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_initterm
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
__set_app_type
_exit

user32

AdjustWindowRect

shlwapi

SHQueryValueExW
PathMakePrettyW
PathFindFileNameW
SHRegWriteUSValueA
PathCommonPrefixA
PathFindOnPathA
PathFindExtensionW
SHDeleteValueA
PathIsRelativeW
PathIsDirectoryA
PathFindFileNameA
PathAddBackslashA
StrIsIntlEqualW
PathStripPathW
PathFindExtensionA
StrSpnA
PathQuoteSpacesW
PathIsSystemFolderW
SHRegDeleteEmptyUSKeyW
PathCanonicalizeA
PathGetDriveNumberA
PathIsRelativeA
PathRemoveBlanksW
PathRemoveArgsW
StrFormatByteSizeW
PathParseIconLocationW
PathRemoveBackslashW

kernel32

GetConsoleCP
GetProcessShutdownParameters
GetModuleHandleA
GetStartupInfoA
CreateTapePartition

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6497bb59045c84b03a102f074e051725

Headers

File Characteristics

Imports

advapi32

msvcrt

user32

shlwapi

kernel32

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4.4MB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4.4MB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 16KB - Virtual size: 12KB