VirusShare_0f711e6caba3f05313ed1abfa2e21a50

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_0f711e6caba3f05313ed1abfa2e21a50
Size

187KB
MD5

0f711e6caba3f05313ed1abfa2e21a50
SHA1

56cc1b5d1054ae28be43bfcaf924927ca1a678df
SHA256

ca7ea0581f709a9fdb939ab5db93e085af0a1066587c4983049404c954587af5
SHA512

cef295610a15d39d12dcace797c26e14b95419152159895769afd0020fc428518078cc1a97133b488ef9ef467d85617bc0d6ffc4c271ba0b371291ef14f63e25
SSDEEP

3072:nrF+yD5RQZffY9Vxp7Lo7YdlhjZqMNK5+nqQcjmBu5hp7C1LLcUrug0dor7P/f61:syTco957LMk9vxnqWs7Qtrpf7P/VY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_0f711e6caba3f05313ed1abfa2e21a50

Files

VirusShare_0f711e6caba3f05313ed1abfa2e21a50
.dll windows:4 windows x86 arch:x86

250f624bb3fc7555a9048f38c9e051ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThread
SetEvent
WaitForSingleObject
GetSystemTime
GetFileTime
CompareFileTime
GetTimeZoneInformation
IsDBCSLeadByteEx
ResetEvent
TlsAlloc
IsValidCodePage
IsBadReadPtr
GetStringTypeW
GlobalHandle
GlobalReAlloc
GlobalLock
GetSystemDefaultLangID
lstrcmpW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
LocalFree
DisableThreadLibraryCalls
LocalAlloc
lstrcpynW
lstrlenW
GetLastError
CloseHandle
GetLocaleInfoA
GetModuleFileNameW
GetFileAttributesW
GetVersion
SetLastError
OutputDebugStringA
GetWindowsDirectoryW
FindClose
FindFirstFileW
GlobalFree
GetCommandLineW
GlobalAlloc
ReadFile
WriteFile
CreateDirectoryW
ExpandEnvironmentStringsW
FreeLibrary
lstrcpyW
DeleteCriticalSection
GetSystemDirectoryW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
HeapFree
GetComputerNameW
Sleep
QueryPerformanceCounter
UnhandledExceptionFilter
FormatMessageA
GetStartupInfoW
FindNextFileA
SetEndOfFile
SetFilePointer
CreateEventA
FlushFileBuffers
GetOverlappedResult
SetFileAttributesA
GetLocaleInfoW
GetThreadLocale
GetACP
GetTimeFormatW
IsBadWritePtr
LoadResource
GetUserDefaultLCID
GetModuleFileNameA
lstrcatA
IsDBCSLeadByte
VirtualFree
GetModuleHandleA
HeapCreate
HeapDestroy
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
VirtualProtect
lstrlenA
VirtualAlloc

user32

SetWindowsHookExW
GetWindowTextW
wsprintfW
CallNextHookEx
EnableWindow
RegisterClipboardFormatW
CharPrevA
UnhookWindowsHookEx
LoadIconW
ReleaseDC
GetDlgCtrlID
WinHelpW
LoadBitmapW
SetForegroundWindow
GetClientRect

advapi32

RegDeleteKeyW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegNotifyChangeKeyValue
RevertToSelf
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegFlushKey
RegOpenKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
ChangeServiceConfig2W
ChangeServiceConfigW
OpenSCManagerW
StartServiceW
RegConnectRegistryW
RegCreateKeyW
CloseServiceHandle
RegEnumKeyExW

shell32

SHGetMalloc
CommandLineToArgvW

ole32

CoUninitialize
CoSetProxyBlanket
CoInitializeEx
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoCreateGuid
ProgIDFromCLSID
CoTaskMemRealloc

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

wcstok
malloc
free
wcslen
isdigit
strpbrk
printf
wcsrchr
realloc
strrchr
memchr
sscanf
strspn
swscanf
strcspn
memmove
iswspace
wcschr
wcscat
sprintf
strncpy
strchr
strncmp
wcsncmp
atol
wcsncpy
toupper
tolower
towupper
towlower
bsearch
strtoul
wcscmp
wcstod
wcscpy
mbstowcs
wcsstr
strstr

shlwapi

SHDeleteKeyW

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreateSequential

urlmon

CoInternetGetSession
CopyBindInfo
CoInternetParseUrl

Exports

Exports

AVersionVersions
EndorsedAndInTimePlatform
IncorporateTheTo
OfJava
OutsideFromCreatedToOr
OverrideAOn
SeeTechnologiesHttpIntoThat
StandardsToTo
ThatNecessaryToOrderClasses
TheIs
TheProvidesVersions
UpdateList

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 28KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250f624bb3fc7555a9048f38c9e051ce

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

msvcrt

shlwapi

rpcrt4

urlmon

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 24KB - Virtual size: 20KB

.xdata Size: 28KB - Virtual size: 248KB

.rsrc Size: 36KB - Virtual size: 32KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 24KB - Virtual size: 20KB

.xdata
Size: 28KB - Virtual size: 248KB

.rsrc
Size: 36KB - Virtual size: 32KB

.reloc
Size: 4KB - Virtual size: 1KB