Static task: static1
Behavioral task: behavioral1
Sample: VirusShare_2935320795e17a2685b41ae7d6ad0292.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: VirusShare_2935320795e17a2685b41ae7d6ad0292.exe
Resource: win10v2004-20240508-en
General
Target: VirusShare_2935320795e17a2685b41ae7d6ad0292
Size: 348KB
MD5: 2935320795e17a2685b41ae7d6ad0292
SHA1: ebb293ceb4f44f2aee50a3d65a095c0ae70173ab
SHA256: e964c8dd0c93e00fed20b5c2dd30c515e8778a5bc9010e0dfe31380ae3e2e099
SHA512: 7147ff0f38ff089397f68bab05eb1947d35786b8021a0870ccce805cc72d2482fcf28a92a3350aac4a027d5e951f7e66ebf591d5e5d94c93813000a836a013ad
SSDEEP: 6144:m/VDyfA1m6LNva5RhDbUewlM3U2NQn7+yA0w5O6TsTbqOFa+5r8Vpbp9k8jRKwJf:mh7NLdarlTw/2NQn7RnwLsZaQ8/zk8wk
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: VirusShare_2935320795e17a2685b41ae7d6ad0292
Files
-
VirusShare_2935320795e17a2685b41ae7d6ad0292.exe windows:4 windows x86 arch:x86
8a575dd2078bc7ff2077295a9ce7b067
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_memccpy
comctl32
ord8
ImageList_GetImageInfo
gdi32
PolyTextOutA
ExtEscape
SelectObject
CreatePenIndirect
SetBitmapBits
GetTextExtentExPointA
PathToRegion
WidenPath
Ellipse
CreateBitmapIndirect
ArcTo
TranslateCharsetInfo
MoveToEx
PolyPolygon
EnumFontFamiliesA
GetICMProfileW
InvertRgn
ExtTextOutW
DPtoLP
GetLogColorSpaceW
CreateICA
GetSystemPaletteUse
GetDeviceGammaRamp
GetTextCharsetInfo
GetKerningPairsA
CreateDIBPatternBrushPt
CreateBrushIndirect
AddFontResourceA
SetMetaFileBitsEx
CreateFontIndirectA
LineTo
ColorMatchToTarget
ExtCreatePen
GetWindowExtEx
DeleteColorSpace
PatBlt
CreateRectRgnIndirect
CreateRectRgn
SetTextCharacterExtra
DeleteDC
MaskBlt
CreatePolyPolygonRgn
PolyDraw
CopyMetaFileA
GetKerningPairsW
GetTextMetricsW
GetDCOrgEx
GetBoundsRect
CreateEllipticRgnIndirect
GetObjectA
GetEnhMetaFilePixelFormat
RestoreDC
SetICMProfileA
LineDDA
RectInRegion
BeginPath
CreateHatchBrush
FrameRgn
CreateRoundRectRgn
SetBkColor
GetEnhMetaFileA
RemoveFontResourceW
EndPage
GetPixelFormat
GetTextCharacterExtra
GdiComment
GetViewportExtEx
RectVisible
SaveDC
ModifyWorldTransform
GetCharWidthA
GetTextCharset
GetArcDirection
CreatePen
CreateMetaFileA
AddFontResourceW
GetCharWidth32A
PolyBezier
CreateDiscardableBitmap
CreateBitmap
PolyPolyline
SetGraphicsMode
CreateDCA
RemoveFontResourceA
ExtFloodFill
EnumFontsW
Rectangle
CancelDC
CreateDIBSection
GetNearestColor
SetArcDirection
SetDeviceGammaRamp
UnrealizeObject
CopyMetaFileW
GetStockObject
GetMetaRgn
GetPixel
ExtTextOutA
ResizePalette
GetCharABCWidthsFloatW
GetBkColor
GetCharWidthW
GetEnhMetaFileBits
EnumICMProfilesW
GetTextExtentPoint32A
SetRectRgn
GetGlyphOutlineW
CreatePolygonRgn
GetNearestPaletteIndex
GetGraphicsMode
CreateICW
GetClipRgn
PolylineTo
CreateMetaFileW
GdiSetBatchLimit
StartDocW
SetBkMode
CreateFontW
CreateCompatibleBitmap
GetTextExtentPoint32W
GetDIBits
DeleteObject
ScaleWindowExtEx
PtVisible
user32
WindowFromDC
IsDialogMessageA
CharPrevA
CloseWindowStation
BlockInput
SetForegroundWindow
ValidateRgn
GetMessageW
CopyAcceleratorTableW
CharToOemBuffW
IMPQueryIMEW
GetMessageA
DlgDirListA
DragObject
GetDoubleClickTime
FlashWindow
GetKeyboardState
DispatchMessageA
SendInput
BringWindowToTop
DdeQueryStringA
ToUnicodeEx
GetKeyboardLayoutList
SetPropA
IsCharAlphaNumericA
GetDCEx
GetWindowModuleFileNameW
TranslateAcceleratorA
MapVirtualKeyW
DdeFreeStringHandle
PackDDElParam
GetLastActivePopup
CallMsgFilterA
GetScrollPos
GetClipboardOwner
SetScrollRange
DrawTextExA
GetMessagePos
CreateIconFromResourceEx
GetTabbedTextExtentW
MoveWindow
FindWindowExA
SetWindowsHookA
GetWindowWord
GetClipboardData
GetCapture
InflateRect
ChangeDisplaySettingsW
SetRectEmpty
GetForegroundWindow
LoadMenuIndirectW
PostQuitMessage
WinHelpA
SetWindowPos
SendMessageTimeoutW
UnhookWinEvent
SetWindowTextW
SystemParametersInfoA
EnumThreadWindows
GetMenuItemInfoW
TranslateMDISysAccel
SwapMouseButton
GrayStringW
keybd_event
PeekMessageA
ArrangeIconicWindows
GetWindowLongW
DestroyCaret
GetClassNameA
SetWinEventHook
LoadAcceleratorsA
SystemParametersInfoW
CallMsgFilterW
GetMenuCheckMarkDimensions
MapVirtualKeyExW
SetWindowPlacement
GetCursorPos
GetNextDlgTabItem
VkKeyScanExA
GetWindowTextW
LoadBitmapA
LoadMenuA
GetClassLongW
GetInputState
ExitWindowsEx
GetDlgItemTextW
FillRect
ShowScrollBar
FreeDDElParam
SetSysColors
GetClipCursor
SetScrollInfo
IsChild
CreateDialogParamA
GetDlgItemInt
DdeCreateStringHandleW
AttachThreadInput
CharToOemA
IsWindow
GetGUIThreadInfo
GetWindowThreadProcessId
CheckMenuItem
LoadIconA
CharNextExA
DefWindowProcA
IsMenu
PtInRect
DdeClientTransaction
GetQueueStatus
CreateCursor
SetWindowLongW
GetTabbedTextExtentA
ScrollDC
VkKeyScanW
DialogBoxParamA
CharNextA
ToAsciiEx
OpenWindowStationW
OpenIcon
DialogBoxIndirectParamW
WinHelpW
DefFrameProcW
SetUserObjectInformationA
IsIconic
SetScrollPos
DdeQueryConvInfo
AppendMenuA
DestroyIcon
GetMenuItemID
GrayStringA
CharPrevW
CloseDesktop
SetMenuItemBitmaps
ChangeDisplaySettingsA
SetCaretPos
IsCharAlphaA
IMPQueryIMEA
GetKeyNameTextW
ChangeClipboardChain
DdeUninitialize
CreateDesktopW
OemToCharBuffA
RemovePropA
GetMenu
GetClientRect
EnumDisplaySettingsA
GetMessageExtraInfo
GetWindowModuleFileNameA
GetWindowRect
SetKeyboardState
SetClipboardViewer
GetProcessWindowStation
PaintDesktop
UnhookWindowsHookEx
EndPaint
GetMessageTime
IsRectEmpty
SendMessageA
DrawTextExW
DrawStateA
DdeQueryStringW
MessageBeep
ReuseDDElParam
SetWindowContextHelpId
IsCharAlphaW
CharUpperA
SetClipboardData
DrawStateW
SendDlgItemMessageW
MessageBoxExW
IsCharLowerA
SendNotifyMessageW
ChangeMenuA
ScrollWindowEx
CheckDlgButton
VkKeyScanA
LookupIconIdFromDirectoryEx
GetClassLongA
EndDialog
EnumClipboardFormats
KillTimer
InvertRect
GetClipboardViewer
DrawFrameControl
GetWindowTextLengthA
SetActiveWindow
GetWindow
ScrollWindow
FindWindowA
CopyRect
WindowFromPoint
GetDlgItemTextA
CharToOemW
DdeUnaccessData
CharUpperW
NotifyWinEvent
IsCharAlphaNumericW
GetCaretPos
DefDlgProcA
CreateMDIWindowW
DeferWindowPos
RedrawWindow
GetKeyboardLayout
LockWindowUpdate
IMPSetIMEW
LoadCursorFromFileA
InsertMenuItemW
SetThreadDesktop
GetUserObjectSecurity
GetSystemMetrics
IsWindowUnicode
LoadBitmapW
GetOpenClipboardWindow
DispatchMessageW
SetCaretBlinkTime
UnpackDDElParam
GetWindowPlacement
EnumWindowStationsW
SendMessageCallbackA
GetUpdateRgn
CreateDialogIndirectParamA
InvalidateRect
GetWindowTextA
LoadMenuIndirectA
GetSysColor
DefMDIChildProcW
DestroyCursor
MessageBoxA
CreatePopupMenu
GetClassInfoW
GetMenuItemRect
DdeCmpStringHandles
SetDlgItemTextW
SetCursor
DialogBoxIndirectParamA
DestroyMenu
CheckMenuRadioItem
VkKeyScanExW
PostMessageA
DlgDirSelectExA
RegisterClipboardFormatW
GetDesktopWindow
GetSystemMenu
DestroyAcceleratorTable
GetKeyState
PostThreadMessageW
SetMenuItemInfoW
GetScrollInfo
TranslateAcceleratorW
GetSysColorBrush
DdeImpersonateClient
PostThreadMessageA
UnregisterClassW
LoadStringW
SetWindowsHookExW
ChildWindowFromPointEx
DdeQueryNextServer
ChangeDisplaySettingsExA
CascadeWindows
DefWindowProcW
IMPGetIMEW
HideCaret
SendMessageW
RegisterClassExW
GetMenuState
GetDlgCtrlID
EnumDisplaySettingsW
DdeConnectList
MapWindowPoints
mouse_event
ShowWindow
CreateWindowStationW
DdeDisconnect
SetWindowsHookW
GetMenuItemCount
CharPrevExA
EndDeferWindowPos
GetClassInfoExW
OffsetRect
GetDlgItem
EnumPropsW
advapi32
InitializeSecurityDescriptor
RegRestoreKeyA
OpenBackupEventLogA
DuplicateTokenEx
ImpersonateSelf
GetExplicitEntriesFromAclA
BuildExplicitAccessWithNameW
RegConnectRegistryA
RegQueryInfoKeyW
GetTokenInformation
CreateProcessAsUserW
ObjectPrivilegeAuditAlarmA
DecryptFileW
GetAclInformation
RegEnumKeyExW
LsaClose
RegQueryInfoKeyA
LsaOpenPolicy
RegSetValueExA
IsValidSecurityDescriptor
GetSidLengthRequired
CreateRestrictedToken
RegSetValueExW
RegNotifyChangeKeyValue
MapGenericMask
RegLoadKeyW
SetNamedSecurityInfoW
GetTrusteeFormW
LsaQueryTrustedDomainInfoByName
LookupPrivilegeNameA
LookupPrivilegeNameW
AreAllAccessesGranted
LsaEnumerateAccountsWithUserRight
GetLengthSid
DestroyPrivateObjectSecurity
LookupAccountSidA
SetSecurityDescriptorGroup
RegDeleteValueA
LsaNtStatusToWinError
ObjectOpenAuditAlarmW
RegRestoreKeyW
LookupAccountSidW
RevertToSelf
RegFlushKey
LsaLookupSids
LsaSetDomainInformationPolicy
EncryptFileW
AccessCheckAndAuditAlarmA
InitializeAcl
IsTokenRestricted
ObjectCloseAuditAlarmW
InitiateSystemShutdownA
RegReplaceKeyW
LookupPrivilegeValueA
GetSidSubAuthorityCount
LookupAccountNameW
AdjustTokenGroups
SetFileSecurityW
LookupPrivilegeValueW
EqualSid
ImpersonateLoggedOnUser
GetExplicitEntriesFromAclW
AbortSystemShutdownA
ImpersonateNamedPipeClient
LsaQueryTrustedDomainInfo
GetKernelObjectSecurity
AreAnyAccessesGranted
BuildExplicitAccessWithNameA
RegEnumKeyExA
EqualPrefixSid
GetOldestEventLogRecord
GetSidSubAuthority
RegSaveKeyA
AddAce
GetNamedSecurityInfoW
RegQueryMultipleValuesA
RegQueryValueA
RegQueryMultipleValuesW
InitializeSid
GetSecurityDescriptorOwner
LsaEnumerateTrustedDomainsEx
RegUnLoadKeyW
SetKernelObjectSecurity
OpenEventLogW
FreeSid
SetFileSecurityA
LsaCreateTrustedDomainEx
SetThreadToken
GetEffectiveRightsFromAclW
GetSecurityDescriptorDacl
BuildImpersonateTrusteeA
IsValidSid
GetSecurityDescriptorSacl
DuplicateToken
LsaFreeMemory
Sections
.text Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: 236KB - Virtual size: 233KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ