VirusShare_1449cdc2acb385e8326dfd0364e67d25

General

Target

VirusShare_1449cdc2acb385e8326dfd0364e67d25
Size

339KB
MD5

1449cdc2acb385e8326dfd0364e67d25
SHA1

27ec595e01e4c89fb17a895bced8b84871355df4
SHA256

7007b16d76f879588fbbaef6ed77de0be778d38b09ace3740d50068937334dab
SHA512

d660379a13c169ca0690a64cf5427d75ca71030e61bcc2795d6ddbd41d21028b453487c170db74303aa6c2c76d188272c8f6ad049ac4e579c6aaf738590d8c0b
SSDEEP

6144:Y9Jy1mYCrFLXOppiFWDKvZBjtgnbEufzKB/xL4lkY:YvyUYsXWpiVztebEWz+Z4eY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1449cdc2acb385e8326dfd0364e67d25

Files

VirusShare_1449cdc2acb385e8326dfd0364e67d25
.exe windows:4 windows x86 arch:x86

1db4e811d33c3fdb733f16ae7fb5ff8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32Next
GetModuleHandleA
CreateProcessW
FindResourceExA
CommConfigDialogW
GetLongPathNameW
BeginUpdateResourceW
FlushConsoleInputBuffer
GetPrivateProfileStringA
GetMailslotInfo
GetStartupInfoA
Module32Next
GetModuleHandleA
CreateProcessW
FindResourceExA
CommConfigDialogW
GetLongPathNameW
BeginUpdateResourceW
FlushConsoleInputBuffer
GetPrivateProfileStringA
GetMailslotInfo
GetStartupInfoA

advapi32

ImpersonateLoggedOnUser
LsaEnumerateTrustedDomains

shlwapi

SHRegEnumUSKeyA
StrCSpnIW
StrIsIntlEqualW
PathFindNextComponentA
PathUnmakeSystemFolderW
PathIsRelativeW
SHRegCreateUSKeyA
PathAddBackslashA
PathBuildRootW
SHDeleteEmptyKeyA
StrToIntExA
PathIsRootW
PathIsRelativeA
SHRegCreateUSKeyW
PathIsUNCW
PathFindOnPathA
PathMakePrettyW
StrFromTimeIntervalW
PathCommonPrefixA
SHRegCloseUSKey
SHRegGetBoolUSValueW
StrCSpnW
SHRegEnumUSKeyW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

user32

ReuseDDElParam
GetKeyState

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1db4e811d33c3fdb733f16ae7fb5ff8e

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

msvcrt

user32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2.7MB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2.7MB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 12KB - Virtual size: 9KB