VirusShare_2d6f34f04c5eb88ba36a76974824ac83

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_2d6f34f04c5eb88ba36a76974824ac83
Size

176KB
MD5

2d6f34f04c5eb88ba36a76974824ac83
SHA1

4c0950e1d7f85224f89e591572f74891931284f5
SHA256

c75eb5b8292bf39e2d011867f041bba13c0a9612dcf46dfa7c2ddf53f743129b
SHA512

04068d54b1ecf55277e96325348bb16f0ff866e9b5694886e45da16cbf0f5d1c1e5ce588bf5d059a549e37db5cd1c82f96ec8532d01929e5239bd8a62ffcbd31
SSDEEP

3072:EhHY9OJEGk9Y3xBeUkBm+s+Dq3G+N/7MeQdnql8M2t+/EWbJq6Zq9+b:v6EHYLeUkQ+NcZMeaPtnWb9z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_2d6f34f04c5eb88ba36a76974824ac83

Files

VirusShare_2d6f34f04c5eb88ba36a76974824ac83
.exe windows:5 windows x86 arch:x86

fdccb8128d07003e1d43cdec1b8dfb91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemTimeAsFileTime
FindResourceExA
IsValidCodePage
LocalUnlock
SearchPathA
CreateFileMappingA
GetTempFileNameA
ReplaceFileA
EnumResourceNamesA
lstrlenW
SizeofResource
lstrcpyA
CloseHandle
SetFilePointer
GlobalAlloc
HeapQueryInformation
WaitForSingleObject
GetFileAttributesA
GlobalHandle
DuplicateHandle
GetFullPathNameA
CompareStringA
QueryPerformanceFrequency
GetPrivateProfileStringA
EnumResourceLanguagesA
LocalFileTimeToFileTime
CreateProcessA
RaiseException
SetErrorMode
DosDateTimeToFileTime
GlobalReAlloc
GetConsoleMode
HeapAlloc
GetDriveTypeA
lstrlenA
GetDriveTypeW
FindResourceW
TlsFree
GetTimeZoneInformation
FormatMessageA
MultiByteToWideChar
UnlockFile
SetEvent
FileTimeToSystemTime
GetUserDefaultLangID
LockFile
TerminateProcess
FileTimeToLocalFileTime
CopyFileA
WritePrivateProfileStringA
LockResource
lstrcatA
GetCurrentDirectoryA
CreateFileW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
GetFileInformationByHandle
LoadLibraryA
FindFirstChangeNotificationA
IsDebuggerPresent
HeapFree
FlushFileBuffers
FreeEnvironmentStringsW
SetPriorityClass
LoadLibraryExA
SetHandleCount
TlsSetValue
lstrcmpA
GetStdHandle
GetCommandLineA
GetOEMCP
GetFileSizeEx
GetConsoleCP
InterlockedIncrement
GetModuleFileNameW
DeleteFileA
RtlUnwind
GetStartupInfoW
SetLastError
FreeLibrary
GetLocalTime
LocalLock
GetVersionExA
RemoveDirectoryA
FileTimeToDosDateTime
SetEndOfFile
LocalAlloc
WaitForMultipleObjects
GetLastError
LCMapStringW
CompareFileTime
InterlockedDecrement
FreeResource
lstrcpynA
HeapCreate
WriteFile
IsProcessorFeaturePresent
lstrcmpW
GetProcessHeap
FindNextChangeNotification
GetVolumeInformationA
CreateDirectoryA
GetCurrentThread
GetCurrentDirectoryW
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
CreateEventA
GlobalFlags
GlobalLock
HeapSize
GlobalFree
GetUserDefaultUILanguage
TlsAlloc
GetCPInfo
GetCurrentThreadId
GlobalDeleteAtom
LocalFree
GlobalGetAtomNameA
GetTempPathA
LoadResource
GlobalUnlock
InitializeCriticalSection
GetStringTypeW
FindResourceExW
MoveFileA
GetModuleFileNameA
MapViewOfFile
ResumeThread
GetEnvironmentStringsW
LocalReAlloc
CreateThread
GetProfileIntA
GetWindowsDirectoryA
FindCloseChangeNotification
TlsGetValue
CompareStringW
MulDiv
HeapSetInformation
EnterCriticalSection
GetNumberFormatA
GetSystemInfo
GetShortPathNameA
GetPrivateProfileIntA
QueryPerformanceCounter
GetSystemDefaultUILanguage
WinExec
GetDiskFreeSpaceA
GetCurrentProcessId
GetStringTypeExA
GetFileTime
SetFileAttributesA
lstrcmpiA
GetSystemDirectoryW
EnumResourceTypesA
LeaveCriticalSection
WriteConsoleW
SetEnvironmentVariableA
Sleep
ConvertDefaultLocale
GetFileAttributesExA
SetThreadPriority
GetFileSize
SetFileTime
SystemTimeToFileTime
ResetEvent
SetStdHandle
FindResourceA
GetThreadLocale
GlobalFindAtomA
GlobalSize
InterlockedExchange
SetCurrentDirectoryA
CreateFileA
DeleteCriticalSection
GetFileType
GetLocaleInfoA
WideCharToMultiByte
OpenFile
GetVersion
VirtualProtect
CancelIo
GetModuleHandleA
AddAtomA
GetProcAddress
GetACP
LoadLibraryW
GetModuleHandleW
GetCurrentProcess
SuspendThread
GlobalAddAtomA

user32

DrawTextW
SetTimer
GetFocus
DestroyMenu
MessageBeep
LoadImageW
RemoveMenu
MonitorFromPoint
PostQuitMessage
LoadMenuW
DefWindowProcW
CallWindowProcW
PeekMessageW
MapWindowPoints
EnumChildWindows
EnumWindows
TrackMouseEvent
DispatchMessageW
GetMenuItemCount
SetWindowLongW
GetWindowRect
GetClassNameW
ScreenToClient
CharNextW
GetCursorPos
TrackPopupMenuEx
ReleaseDC
UpdateLayeredWindow
LoadCursorW
LoadStringW
GetMenuItemInfoW
SetCursor
DestroyCursor
SetFocus
MonitorFromWindow
AppendMenuW
GetWindow
SetWindowTextW
GetParent
TranslateAcceleratorW
GetWindowThreadProcessId
PtInRect
LoadStringA
LoadIconA
GetKeyboardLayout
CharLowerA
IsWindowUnicode
SetWindowPos
ShowWindow
PostMessageW
SendMessageW
UnregisterClassA
TranslateMessage
GetWindowTextW
KillTimer
GetWindowDC
CreatePopupMenu
GetMonitorInfoW
IsWindow
InvalidateRect
GetWindowLongW
GetMessageW
GetClientRect

gdi32

AngleArc
ColorCorrectPalette

advapi32

RegQueryValueExW
EnumDependentServicesW
BuildExplicitAccessWithNameW
SetServiceStatus
RegOpenKeyW
StartServiceW
RegCreateKeyExW
RegCloseKey
RegCreateKeyW
QueryServiceStatusEx
RegSetValueExW
SetTokenInformation
OpenServiceW
ReportEventW
RegisterServiceCtrlHandlerExW
RevertToSelf
CreateServiceW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
CreateProcessAsUserW
ControlService
DuplicateTokenEx
GetTokenInformation
StartServiceCtrlDispatcherW
DeregisterEventSource
ChangeServiceConfigW
OpenProcessToken
RegEnumKeyW
DeleteService
RegisterEventSourceW
OpenSCManagerW
RegOpenKeyExW
SetEntriesInAclW
CloseServiceHandle

shell32

SHGetMalloc
SHEmptyRecycleBinW
SHGetSpecialFolderPathW

ole32

CoInitialize

shlwapi

PathCombineW
PathRemoveFileSpecW
StrStrIW
PathFindFileNameW
PathQuoteSpacesW
PathAppendW
PathFileExistsW

version

VerQueryValueW

oledlg

ord8
OleUIBusyW

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

psapi

GetModuleBaseNameA
GetModuleInformation
GetModuleFileNameExW

msvcrt

_CIsin
_except_handler3
__set_app_type
_exit
exit

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdccb8128d07003e1d43cdec1b8dfb91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 18KB - Virtual size: 78KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 18KB - Virtual size: 78KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 4KB - Virtual size: 4KB