VirusShare_1fca02c9b41ca8164dcbe5624a925036

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_1fca02c9b41ca8164dcbe5624a925036
Size

309KB
MD5

1fca02c9b41ca8164dcbe5624a925036
SHA1

a65d2fdbea2f21772adae110ef03eb187bc0fdac
SHA256

90bd8c1f54522db5821ff3ed670531f50e88ec61ce1ab3b5f9c9477cebd79ff3
SHA512

423cbe37adf1f7f7ae610d0097368109a4ea767bd58cfd013f6afdbe54d34f430fa6c9287909b99d7177902f97f411e2e1b3c6c3eef8acd7c72a6630e377f2a8
SSDEEP

6144:KXWVWipoUM2rSBnr5XdsM9ZWYXOqJsVup/sO3z+WuLY:KiWimUxrUrZxmuOq6VupX40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1fca02c9b41ca8164dcbe5624a925036

Files

VirusShare_1fca02c9b41ca8164dcbe5624a925036
.exe windows:4 windows x86 arch:x86

0318d07cd95ecb31faf680a1b20eda9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetAddConnectionW
MultinetGetConnectionPerformanceA

advapi32

OpenSCManagerW
BuildTrusteeWithNameA
LsaQueryTrustedDomainInfoByName
EnumDependentServicesW
GetNamedSecurityInfoW
MapGenericMask
RegCreateKeyExA
ReadEventLogW
ObjectCloseAuditAlarmW
BuildImpersonateTrusteeA
RegDeleteKeyA
SetFileSecurityA
QueryServiceLockStatusA
RegRestoreKeyW
GetSecurityDescriptorControl
RegSetValueExA
GetNamedSecurityInfoA
LookupSecurityDescriptorPartsW
RegOpenKeyExW
RegisterEventSourceW
CreateServiceA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
FreeSid
LsaCreateTrustedDomainEx
GetAclInformation
GetSidSubAuthority
EnumServicesStatusA
CloseServiceHandle
AdjustTokenPrivileges
GetSecurityDescriptorOwner
AddAccessAllowedAce
SetServiceStatus
NotifyChangeEventLog
SetEntriesInAclW
EqualSid
RegisterEventSourceA
AreAnyAccessesGranted
RevertToSelf
OpenServiceA
OpenBackupEventLogA
BuildTrusteeWithSidA
QueryServiceLockStatusW
GetTrusteeFormA
GetExplicitEntriesFromAclA
RegNotifyChangeKeyValue
RegQueryValueExA
MakeSelfRelativeSD
LsaSetTrustedDomainInfoByName
GetAce
LsaAddAccountRights
GetSecurityDescriptorDacl
LsaRetrievePrivateData
LookupPrivilegeNameW
RegUnLoadKeyA
BackupEventLogA
LsaClose
LsaQueryTrustedDomainInfo
QueryServiceStatus
MakeAbsoluteSD
GetTokenInformation
LookupPrivilegeDisplayNameW
AddAuditAccessAce
RegDeleteKeyW
RegOverridePredefKey
RegisterServiceCtrlHandlerW
LogonUserW
OpenEventLogA
BackupEventLogW
ObjectOpenAuditAlarmW
IsValidSid
EqualPrefixSid
RegEnumKeyA
GetLengthSid
GetSecurityInfo
ReadEventLogA
SetKernelObjectSecurity
SetEntriesInAclA
RegReplaceKeyA
RegUnLoadKeyW
StartServiceA
RegDeleteValueW
LockServiceDatabase
AdjustTokenGroups
RegSetKeySecurity
GetServiceKeyNameA
AccessCheck
InitiateSystemShutdownW
PrivilegedServiceAuditAlarmW
GetOldestEventLogRecord
RegSetValueA
LsaOpenPolicy
StartServiceCtrlDispatcherW
QueryServiceConfigA
DeleteService
GetFileSecurityA
RegSetValueExW
RegCreateKeyW
GetExplicitEntriesFromAclW
RegisterServiceCtrlHandlerA
DeregisterEventSource
ReportEventA
RegConnectRegistryA
RegQueryValueW
RegQueryValueExW
IsTokenRestricted
BuildSecurityDescriptorW
CopySid
LookupAccountNameA
SetThreadToken
GetAuditedPermissionsFromAclW
LogonUserA
OpenProcessToken
RegReplaceKeyW
QueryServiceConfig2A
IsValidAcl
GetSidSubAuthorityCount
GetPrivateObjectSecurity
StartServiceCtrlDispatcherA
SetNamedSecurityInfoA
RegQueryInfoKeyW
ObjectCloseAuditAlarmA
GetNumberOfEventLogRecords
SetPrivateObjectSecurity
GetServiceDisplayNameW
LookupAccountNameW
SetSecurityDescriptorGroup
InitializeSecurityDescriptor
UnlockServiceDatabase
RegQueryMultipleValuesA
GetSidIdentifierAuthority
RegCloseKey
AbortSystemShutdownW
GetSecurityDescriptorSacl
LookupPrivilegeValueA
RegEnumValueW
CreatePrivateObjectSecurity
QueryServiceConfig2W
LsaNtStatusToWinError
CreateRestrictedToken
GetKernelObjectSecurity
BuildExplicitAccessWithNameW
SetServiceObjectSecurity
CreateProcessAsUserA
RegGetKeySecurity
OpenBackupEventLogW

kernel32

GetModuleHandleA
GetStartupInfoA
DeleteFileA
EnumResourceLanguagesA
GlobalCompact
EnumResourceNamesA
GetCPInfo

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_XcptFilter
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
__p__commode

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0318d07cd95ecb31faf680a1b20eda9f

Headers

File Characteristics

Imports

mpr

advapi32

kernel32

msvcrt

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2.2MB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2.2MB

.rsrc
Size: 20KB - Virtual size: 18KB