VirusShare_1d003ad973381efa086be16ccef608b0

General

Target

VirusShare_1d003ad973381efa086be16ccef608b0
Size

116KB
MD5

1d003ad973381efa086be16ccef608b0
SHA1

cd0a41dd7a8328f150e3edc7baa3a0f987159afe
SHA256

a27e55d0b379f4c2178bb4ba0ccf9308127a1dadfc49b351120f1893a0b2122b
SHA512

bf6c35e4daefbb6633777968cb7cc44e7e7c0f3d3172c79c4aa8b28622325eb9000b1d86911c065b1936f53c0d0630b469f8f316194706945da36dabed79399c
SSDEEP

1536:ZUz9XqemhV9wjtQjDy7UcENZI8kgReSwTzW1ZyWQZ5G0tvV+:aJ6emv9wpYe7UnbqZb9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1d003ad973381efa086be16ccef608b0

Files

VirusShare_1d003ad973381efa086be16ccef608b0
.dll windows:4 windows x86 arch:x86

a130fa218cc8c2d54d21a806b167c256

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Empty2res.pdb

Imports

kernel32

CopyFileW
GetCPInfo
GetOEMCP
TlsSetValue
TlsFree
TlsAlloc
ReadFile
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
WideCharToMultiByte
HeapFree
HeapReAlloc
HeapAlloc
GetVersionExA
GetCurrentThreadId
ExitThread
GetFileAttributesA
MultiByteToWideChar
LeaveCriticalSection
FreeEnvironmentStringsA
GetCurrentProcess
TerminateProcess
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
GetExitCodeThread
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineA
CreateProcessA
GetExitCodeProcess
CloseHandle
GetLastError
FormatMessageA
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
IsSystemResumeAutomatic
GetEnvironmentStrings
EnterCriticalSection
FreeEnvironmentStringsW

advapi32

RegEnumKeyA
RegCloseKey

Exports

Exports

FindMemoryTest

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a130fa218cc8c2d54d21a806b167c256

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 448KB

.code Size: 80KB - Virtual size: 78KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 448KB

.code
Size: 80KB - Virtual size: 78KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 1KB