VirusShare_1a862c7a9d7f9b3e75772f4407bf31b0

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_1a862c7a9d7f9b3e75772f4407bf31b0
Size

112KB
MD5

1a862c7a9d7f9b3e75772f4407bf31b0
SHA1

0ca1618cf2c777d7cb5cdab46d9c256b7418c9b5
SHA256

e3c8e6365e89a1bf49abf162ed15a659272e16b683b02ee43d0875a9dde15e18
SHA512

f643caf869b7712142f6a5b9a5a32594e9a20628d441a9158855ffcd753dcfdb7cdb11aa426540495167453023198eefca5eb110c0f85edaee62baf3d6813cbb
SSDEEP

1536:CBKlf+1XVYZRIS8B6mf2vu9ZndL29JlyCprEHemyqSRQwL1ajlnvQIcu:CBKlf+1F0Ulf2o69bweGYevT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1a862c7a9d7f9b3e75772f4407bf31b0

Files

VirusShare_1a862c7a9d7f9b3e75772f4407bf31b0
.dll windows:4 windows x86 arch:x86

ad53cdad3159ec7980753d62475002d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
FindClose
DeleteFileW
GetFileAttributesW
SetFileAttributesW
SetErrorMode
GetModuleHandleW
GetVersion
GetEnvironmentVariableW
lstrlenW
GetSystemDirectoryW
FreeLibrary
CreateEventW
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileW
CloseHandle
MulDiv
GetModuleFileNameW
GetLastError
DisableThreadLibraryCalls
GetCurrentThread
LocalAlloc
LocalReAlloc
Sleep
QueryPerformanceCounter
UnhandledExceptionFilter
GetProcessHeap
OutputDebugStringW
IsProcessorFeaturePresent
SetCurrentDirectoryW
GetCurrentDirectoryW
lstrcmpW
FindFirstFileExW
GetShortPathNameW
GetSystemDefaultUILanguage
CreateDirectoryW
LocalFree
CreateFileW
FindCloseChangeNotification
SearchPathW

user32

GetWindowThreadProcessId

advapi32

GetTokenInformation
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegEnumValueW
RegOpenKeyExW
RegSetValueW
OpenProcessToken
ConvertSidToStringSidW

msvcrt

malloc
free
rand

userenv

UnregisterGPNotification
GetUserProfileDirectoryW
RegisterGPNotification

Exports

Exports

CursorActivateDataPosition

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

bss
Size: 4KB - Virtual size: 591B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad53cdad3159ec7980753d62475002d9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

userenv

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 24KB

bss Size: 4KB - Virtual size: 591B

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 200KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 24KB

bss
Size: 4KB - Virtual size: 591B

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 200KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB