VirusShare_1d3308c37ae1def758814fe5e8fc9920

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_1d3308c37ae1def758814fe5e8fc9920
Size

91KB
MD5

1d3308c37ae1def758814fe5e8fc9920
SHA1

d5e8b47384d6535f55e40cf70c4353b175faf59f
SHA256

24ce65794f2c099e00f821edbcb9d559f2f28b30c0e5567f46b6c903ea767339
SHA512

61c2d83e9305b5b132dd1cb50d9972bff1e3a887751a01e86ba382c1956720248ce1e72bd7724668612a6f917e2b13a906fa261549f1fd3b718abc757ee9ec11
SSDEEP

1536:zv4e5uLCOOex3VXJoJdZC9QGgMd2q1dGaaCnMEN/+0YLrAn+SN:zAe5uXx3VerZUdd2S0aFl/3IAn+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1d3308c37ae1def758814fe5e8fc9920

Files

VirusShare_1d3308c37ae1def758814fe5e8fc9920
.dll windows:5 windows x86 arch:x86

316f3846ca6e0736c1ee323a5fad1ae1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
GetACP
HeapReAlloc
InterlockedExchange
IsValidCodePage
IsValidLocale
GetCommandLineA
LCMapStringW
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
RtlUnwind
SetFileAttributesW
SetFilePointer
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
ExitProcess
EnumSystemLocalesA
DeleteFileW
LCMapStringA
GetCPInfo
CreateSemaphoreW
CompareStringW
CloseHandle
VirtualAllocEx
HeapFree
QueryPerformanceCounter

user32

MsgWaitForMultipleObjects
LoadIconW
DispatchMessageW
PeekMessageW
LoadIconA
LoadCursorW
LoadCursorA
wsprintfW
DestroyIcon

gdi32

GetStockObject

advapi32

EqualSid
CreateProcessAsUserW
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyExW
FreeSid
GetTokenInformation
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegRestoreKeyW
RegSaveKeyW
DuplicateTokenEx

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

StrStrIW
PathCanonicalizeW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

316f3846ca6e0736c1ee323a5fad1ae1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 1024B - Virtual size: 68KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 1024B - Virtual size: 68KB