VirusShare_46cd522a28500d956c4820dfcb469b88

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_46cd522a28500d956c4820dfcb469b88
Size

175KB
MD5

46cd522a28500d956c4820dfcb469b88
SHA1

6f5e5df48c6b76be27ae50f138ece370da502b4d
SHA256

8b444a40c28ca74a800a0bb52a702a18585f7d41ffe5a51ac2bf58fe8f12cb2f
SHA512

ece3373ed7bb98eb207587d93f44308c9d0b2433e65be777bcc55ea8edd81ee8ee31d022a922724473640844415b5c5f860907f5df2318ca9dde0dce7200aad6
SSDEEP

3072:UHPzKeOh4F/GYwFv/8FiGa7NoYbH/W/DY8UXAj0gq5q05wf2FPyWE0+:epFj8Pd/GU8pqs05wfk6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_46cd522a28500d956c4820dfcb469b88

Files

VirusShare_46cd522a28500d956c4820dfcb469b88
.exe windows:5 windows x86 arch:x86

8f6397ef09f85b34efe362396d126299

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
HeapSetInformation
LocalFree
GetCommandLineA
FindResourceExA
lstrcatA
SetErrorMode
VirtualQuery
GetTempFileNameA
ResumeThread
GlobalLock
GetLastError
UnlockFile
QueryPerformanceFrequency
lstrcmpW
GetFileType
LoadResource
GetCurrentDirectoryA
LocalFileTimeToFileTime
FindResourceW
LocalAlloc
GetDriveTypeW
HeapSize
MapViewOfFile
WinExec
GetEnvironmentStringsW
GlobalAlloc
LocalLock
GetDriveTypeA
CreateProcessA
GetUserDefaultUILanguage
EnumResourceNamesA
LocalUnlock
GetFileTime
_lwrite
SetFileAttributesA
GetTimeZoneInformation
MulDiv
EnumResourceLanguagesA
CopyFileA
lstrcmpiA
FreeEnvironmentStringsW
GetFileAttributesA
GetSystemInfo
CreateFileA
GlobalFindAtomA
GetSystemDirectoryW
InterlockedDecrement
TlsFree
CompareStringA
GetNumberFormatA
CreateFileW
SetEvent
CreateThread
lstrcpynA
EnumResourceTypesA
GetStringTypeExA
GetACP
FreeLibrary
GetLocaleInfoA
HeapFree
TerminateProcess
RtlUnwind
LocalReAlloc
ExpandEnvironmentStringsA
GetTickCount
GetModuleHandleW
MultiByteToWideChar
CloseHandle
SetEndOfFile
FreeResource
Sleep
GlobalFree
lstrlenW
FileTimeToDosDateTime
FindClose
LoadLibraryA
GetLocalTime
GetCurrentProcess
DosDateTimeToFileTime
GlobalGetAtomNameA
GetStdHandle
GetOEMCP
CreateFileMappingA
FindFirstFileExA
_lcreat
InitializeCriticalSection
FlushFileBuffers
WideCharToMultiByte
ExitProcess
GetFileInformationByHandle
IsValidCodePage
GetPrivateProfileStringA
LeaveCriticalSection
SetFilePointer
SetCurrentDirectoryA
ReplaceFileA
LoadLibraryW
_lread
RemoveDirectoryA
GetStringTypeW
SetThreadPriority
UnmapViewOfFile
GetTempPathA
GetStartupInfoW
CompareFileTime
GetVersionExA
LoadLibraryExA
GetFileSize
GetFileSizeEx
ConvertDefaultLocale
GlobalAddAtomA
GetCPInfo
TlsGetValue
HeapAlloc
GlobalReAlloc
WriteConsoleW
InterlockedExchange
IsDebuggerPresent
GetCurrentThread
GlobalHandle
FindNextFileA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentThreadId
WritePrivateProfileStringA
WriteFile
CreateDirectoryA
LockFile
UnhandledExceptionFilter
FindResourceExW
WaitForMultipleObjects
GetCurrentProcessId
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageA
QueryPerformanceCounter
LCMapStringW
ReadFile
GetVolumeInformationA
GetCurrentDirectoryW
GetSystemDirectoryA
DeleteFileA
SearchPathA
DeleteCriticalSection
GetFileAttributesExA
IsProcessorFeaturePresent
GetShortPathNameA
GetModuleHandleA
GetConsoleCP
GetFullPathNameA
ExitThread
lstrcpyA
HeapCreate
SetFileTime
SetEnvironmentVariableA
SetHandleCount
GetDiskFreeSpaceA
RaiseException
CompareStringW
SuspendThread
DuplicateHandle
HeapQueryInformation
GetConsoleMode
CreateEventA
TlsSetValue
GetEnvironmentVariableW
LoadLibraryExW
CancelWaitableTimer
VirtualProtectEx
OpenWaitableTimerA
OpenWaitableTimerW
AddAtomW
CancelIo
GetVersion
GlobalAddAtomW
AreFileApisANSI
InterlockedIncrement
GlobalSize
TlsAlloc
FindResourceA
lstrcmpA
SetLastError
EnterCriticalSection
GlobalUnlock
FindFirstFileA
OpenFile
GetProfileIntA
GetThreadLocale
FindFirstChangeNotificationA
WaitForSingleObject
LockResource
_lclose
InitializeCriticalSectionAndSpinCount
GlobalDeleteAtom
GetProcessHeap
FindNextChangeNotification
SetPriorityClass
GlobalFlags
GetUserDefaultLangID
GetModuleFileNameW
VirtualProtect
SetUnhandledExceptionFilter
FindCloseChangeNotification
GetWindowsDirectoryA
HeapReAlloc
GetProcAddress
MoveFileA
GetPrivateProfileIntA
SetStdHandle
SizeofResource
GetSystemDefaultUILanguage
ResetEvent
lstrlenA

user32

SetForegroundWindow
LoadStringA
LoadIconA
CharUpperA
wsprintfW
GetForegroundWindow
IsWindowVisible
GetDesktopWindow

advapi32

EnumDependentServicesW
ReportEventW
RegisterServiceCtrlHandlerExW
SetNamedSecurityInfoW
RegOpenKeyExW
ControlService
DeleteService
DuplicateTokenEx
RegCreateKeyExW
RegQueryValueExW
StartServiceW
OpenServiceW
SetTokenInformation
RegCreateKeyW
OpenSCManagerW
RegSetValueExW
StartServiceCtrlDispatcherW
DeregisterEventSource
ChangeServiceConfigW
QueryServiceStatusEx
RevertToSelf
GetNamedSecurityInfoW
CloseServiceHandle
SetServiceStatus
OpenProcessToken
GetTokenInformation
BuildExplicitAccessWithNameW
RegisterEventSourceW
SetEntriesInAclW
RegCloseKey
CreateServiceW
RegEnumKeyW
RegOpenKeyW
CreateProcessAsUserW

shell32

SHGetMalloc
SHGetSpecialFolderPathW
SHEmptyRecycleBinW

ole32

CoInitialize

shlwapi

PathCombineW
PathFindFileNameW
PathQuoteSpacesW
StrStrIW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

version

VerQueryValueW

oledlg

ord8

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

psapi

GetModuleInformation
GetModuleFileNameExW

msvcrt

__set_app_type
exit
_CIsin
_except_handler3

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f6397ef09f85b34efe362396d126299

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

userenv

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 42KB - Virtual size: 134KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 42KB - Virtual size: 134KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 10KB - Virtual size: 10KB