VirusShare_c2727b2636882668f88d9ac61302ff46

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_c2727b2636882668f88d9ac61302ff46
Size

327KB
MD5

c2727b2636882668f88d9ac61302ff46
SHA1

0cd9060fb2f01499c154239ec72faec1185f4ac9
SHA256

63fb7daf619f9b59dfd4b0e460ce27cf43a248267a4b20d7273953ec6d5e4b90
SHA512

93b02861403d0cf63cf560ebae9b3f3d49f73e25e5fea2c0b14a3aa893a7e9ab4fea7b0ac21a007cd602cac752acd004127ae71611b1dec20b2ce2132ba3af98
SSDEEP

6144:kstDjhzRyzPod7RrlsegpfvD9ktMBEtyxsl0fy/DjGE:lt/ld7YegpfBhSyx+kCDiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_c2727b2636882668f88d9ac61302ff46

Files

VirusShare_c2727b2636882668f88d9ac61302ff46
.exe windows:4 windows x86 arch:x86

a0d352439b12c88a2ebd66392679a0af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCaretBlinkTime
CharPrevW
GetMessageExtraInfo
SetMenuItemInfoA
SetSystemCursor
DeleteMenu
DrawTextExW
CreateIconIndirect
OffsetRect
InvalidateRgn
EnumWindowStationsW
IsRectEmpty
PaintDesktop
CountClipboardFormats
SetCursor
AttachThreadInput
GetClipCursor
SetWindowTextA
ShowCursor

advapi32

RegDeleteValueW
RegGetKeySecurity
RegCreateKeyExA
GetSecurityDescriptorDacl
GetServiceDisplayNameW
EqualPrefixSid
RegCreateKeyW
RegLoadKeyW
GetKernelObjectSecurity
GetSecurityDescriptorControl
LsaEnumerateAccountsWithUserRight
RegQueryMultipleValuesA
RegQueryValueExW
ObjectPrivilegeAuditAlarmA
SetSecurityDescriptorSacl
ObjectCloseAuditAlarmW
ObjectDeleteAuditAlarmW
SetServiceObjectSecurity
LsaNtStatusToWinError
OpenSCManagerW
OpenBackupEventLogA
RegOpenKeyExW
BackupEventLogW
GetNamedSecurityInfoA
SetSecurityDescriptorGroup
RegQueryMultipleValuesW
EqualSid
RegOpenKeyExA
MapGenericMask
BuildTrusteeWithNameA
AdjustTokenGroups
ChangeServiceConfigW
RevertToSelf
GetOldestEventLogRecord
LookupPrivilegeValueA
SetEntriesInAclW
QueryServiceConfigA
SetTokenInformation
ControlService
GetFileSecurityW
CreatePrivateObjectSecurity
InitiateSystemShutdownW
ReportEventW
MakeSelfRelativeSD
OpenProcessToken
RegCreateKeyExW
AreAnyAccessesGranted
IsValidSid
LsaAddAccountRights
FreeSid
GetSidSubAuthority
RegSaveKeyA
GetExplicitEntriesFromAclA
MakeAbsoluteSD
LsaCreateTrustedDomainEx
AccessCheck
RegDeleteKeyA
OpenBackupEventLogW
RegReplaceKeyA
BuildTrusteeWithNameW
GetExplicitEntriesFromAclW
RegConnectRegistryW
RegNotifyChangeKeyValue
LsaDeleteTrustedDomain
QueryServiceStatus
RegQueryValueW
LsaSetTrustedDomainInfoByName
RegSetValueExA
LsaLookupNames
GetAuditedPermissionsFromAclW
LookupSecurityDescriptorPartsW
RegSetValueW
RegUnLoadKeyW
BuildExplicitAccessWithNameW
RegOpenKeyA
GetTokenInformation
ImpersonateSelf
BackupEventLogA
CreateRestrictedToken
SetNamedSecurityInfoW
GetAclInformation
GetSecurityInfo
LsaOpenPolicy
UnlockServiceDatabase
DeregisterEventSource
GetSecurityDescriptorOwner
ChangeServiceConfig2A
QueryServiceLockStatusA
ObjectOpenAuditAlarmW
SetSecurityDescriptorOwner
LogonUserA
RegEnumValueW
RegisterServiceCtrlHandlerA
BuildTrusteeWithSidA
LsaSetInformationPolicy
AbortSystemShutdownW
GetUserNameW
IsValidAcl
StartServiceCtrlDispatcherW
LsaClose
CreateProcessAsUserA
GetServiceKeyNameA
EnumDependentServicesW
GetLengthSid
RegisterEventSourceA
RegOverridePredefKey
QueryServiceObjectSecurity
PrivilegedServiceAuditAlarmW
CreateServiceA
RegOpenKeyW
AddAccessAllowedAce
LookupAccountNameW
SetSecurityInfo
OpenServiceA
ReadEventLogW
RegSetValueExW
RegCloseKey
ObjectCloseAuditAlarmA
RegQueryValueExA
DuplicateTokenEx
QueryServiceConfig2W
RegisterEventSourceW
QueryServiceLockStatusW
SetFileSecurityW
GetSidLengthRequired
SetFileSecurityA
AddAuditAccessAce
GetFileSecurityA
AdjustTokenPrivileges
AllocateAndInitializeSid
AddAce
DecryptFileW
RegConnectRegistryA

mpr

WNetEnumResourceW
WNetCancelConnectionA
WNetAddConnectionW
WNetAddConnection2W
WNetGetConnectionA
WNetCancelConnection2A
WNetOpenEnumA
WNetCancelConnectionW
WNetAddConnectionA
WNetAddConnection3W

winmm

mmioAscend
SendDriverMessage
waveOutGetPlaybackRate
mixerGetNumDevs
mmioInstallIOProcA
sndPlaySoundW
waveInGetErrorTextA
midiInUnprepareHeader
timeBeginPeriod
mixerGetLineInfoW
waveInReset
midiInMessage
mixerGetControlDetailsW
midiOutLongMsg
auxOutMessage
PlaySoundW
sndPlaySoundA
midiOutGetNumDevs
midiDisconnect
waveInClose
waveInOpen
midiOutUnprepareHeader
midiOutReset
waveOutUnprepareHeader
waveOutOpen
waveInGetPosition
waveOutSetPitch
mmioAdvance
waveInGetID
midiStreamPause
midiStreamOut
waveOutGetID
mixerClose
joyGetDevCapsW
waveOutGetVolume
waveOutGetNumDevs
waveOutBreakLoop
waveOutPrepareHeader
waveInUnprepareHeader
mmioClose
midiOutCachePatches
waveOutClose
waveOutGetPitch
waveOutGetDevCapsA
midiOutPrepareHeader
midiInGetErrorTextA
midiInPrepareHeader
midiOutOpen
PlaySoundA
waveInGetDevCapsA
mixerGetLineControlsA
waveOutRestart
mciGetDeviceIDA
mixerGetID
mmioSeek
waveInGetErrorTextW
midiOutGetVolume
waveOutReset
mciGetErrorStringW
mmioStringToFOURCCA
auxGetVolume
DefDriverProc
waveInPrepareHeader
mixerMessage
midiInGetNumDevs
midiInStart
joyReleaseCapture
mciSendCommandW
waveInGetDevCapsW
waveInGetNumDevs
midiStreamRestart
mmioGetInfo
mciGetErrorStringA
mixerGetDevCapsW
timeSetEvent
midiStreamOpen
midiStreamPosition
waveInMessage
midiOutGetID
auxGetDevCapsW
mmioSetInfo
auxGetNumDevs
midiOutClose
joySetThreshold
mmioCreateChunk
timeGetTime
waveInAddBuffer
joySetCapture
mmioSetBuffer
midiOutGetErrorTextW
midiInStop
mciSendStringA
waveOutWrite
mmioRenameA
timeGetDevCaps
mmioDescend
timeKillEvent
waveOutGetDevCapsW
midiInGetDevCapsA
waveOutGetPosition
midiOutCacheDrumPatches
mixerGetDevCapsA
mixerGetControlDetailsA
midiStreamClose
mciSendCommandA
mmioFlush
mixerGetLineControlsW
mixerGetLineInfoA
midiInOpen
midiOutSetVolume
joyGetPos
mciGetYieldProc
midiOutGetErrorTextA
GetDriverModuleHandle
mmioRenameW
mmioOpenW
midiInGetDevCapsW
joyGetDevCapsA
waveOutGetErrorTextW
mmioSendMessage
midiInGetErrorTextW
mmioInstallIOProcW
midiOutGetDevCapsA
CloseDriver
DrvGetModuleHandle
mciGetCreatorTask
mciGetDeviceIDW
mmioStringToFOURCCW
midiInReset

msvcrt

_exit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter

kernel32

GetModuleHandleA
Beep
DeleteFileA
GetStartupInfoA

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0d352439b12c88a2ebd66392679a0af

Headers

File Characteristics

Imports

user32

advapi32

mpr

winmm

msvcrt

kernel32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 2.1MB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2.1MB

.rsrc
Size: 32KB - Virtual size: 29KB