VirusShare_24ef7dbc0af02da64c4b08f54c82db33

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_24ef7dbc0af02da64c4b08f54c82db33
Size

368KB
MD5

24ef7dbc0af02da64c4b08f54c82db33
SHA1

f3d6f41f21e0dc1d26e42ff80b76308a6fcb112b
SHA256

9b0939fa4c00061cb9588ae8d30679fe92d46e38f48af6c7bad1317c5e93d2e0
SHA512

6b9a258be7ed09ad876c3b9a4329e9af56c06ab74cc1aa4d8db1b99dc8bd70311b301be4c80f5f00c3f8ac1630dd21b152c1210b8c9c8b32251061d7eae5aa2e
SSDEEP

6144:4BVsLLdsgLTCEUyQETKuSkPZ5PMVhewjAn6EYIW2gBsKTp0aLXWoRRBJY9HJJRws:rV3hLQET9P5UP06E+HsKl0aLNbs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_24ef7dbc0af02da64c4b08f54c82db33

Files

VirusShare_24ef7dbc0af02da64c4b08f54c82db33
.exe windows:4 windows x86 arch:x86

d2c017260c1c63f430929514d7cb701e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkColor
OffsetClipRgn
StartPage
PlayEnhMetaFile
SetTextAlign

imm32

ImmSetOpenStatus
ImmDestroyContext
ImmSetCompositionFontW
ImmGetDescriptionW
ImmEnumRegisterWordA
ImmNotifyIME
ImmGetProperty
ImmGetDefaultIMEWnd
ImmSetCompositionWindow
ImmCreateContext
ImmReleaseContext
ImmSetStatusWindowPos
ImmGetCompositionFontA
ImmGetIMEFileNameA
ImmSimulateHotKey
ImmRegisterWordW
ImmGetCandidateWindow
ImmSetCandidateWindow
ImmEscapeW
ImmGetCandidateListA
ImmGetContext
ImmSetCompositionStringW
ImmGetIMEFileNameW
ImmGetStatusWindowPos
ImmGetOpenStatus
ImmGetCandidateListW
ImmIsUIMessageW
ImmConfigureIMEW
ImmGetCompositionWindow
ImmAssociateContext
ImmGetCompositionStringA
ImmIsIME
ImmGetCandidateListCountW

shlwapi

PathGetCharTypeA
PathIsPrefixW
PathFindExtensionW
PathAddExtensionA
PathIsUNCA
SHRegQueryUSValueW
PathSetDlgItemPathW
StrNCatA
PathIsSameRootW
SHQueryValueExA
PathGetDriveNumberW
SHSetValueA
PathIsUNCServerShareA
PathAppendW
StrFromTimeIntervalW
PathBuildRootW
PathCanonicalizeW
PathFindExtensionA
PathIsUNCServerShareW
SHRegDeleteEmptyUSKeyW
PathUnquoteSpacesA
PathIsUNCServerW
SHQueryInfoKeyW
PathFileExistsW
StrFormatByteSizeA
StrDupA
StrCSpnA
PathFindFileNameA
PathRelativePathToW
StrPBrkA
PathFindNextComponentA
PathCompactPathW
PathCommonPrefixW
PathAddBackslashA
StrCmpW
PathCompactPathExW
StrToIntA
ChrCmpIW
PathRemoveBackslashA
SHQueryValueExW
SHGetValueA
PathIsRootW
SHDeleteEmptyKeyA
PathMatchSpecA
PathBuildRootA
PathQuoteSpacesA
PathParseIconLocationA
SHEnumKeyExA

winmm

midiOutGetDevCapsA
midiInReset
midiOutClose
mmioFlush
midiInGetDevCapsW
waveInGetPosition
midiInOpen
mixerGetLineInfoW
waveOutGetErrorTextA
mmioAscend
waveInGetID
mciGetErrorStringW
mixerGetLineControlsA
midiInGetErrorTextW
waveInStart
joyGetDevCapsA
waveOutGetNumDevs
waveOutUnprepareHeader
midiStreamStop
mmioStringToFOURCCA
waveInMessage
waveOutGetID
midiStreamPause
midiInGetErrorTextA
waveInStop
waveOutGetPlaybackRate
PlaySoundW
auxOutMessage
timeEndPeriod
joySetCapture
OpenDriver
mciSendCommandA
midiOutSetVolume
auxGetNumDevs
midiInGetNumDevs
midiOutCacheDrumPatches
auxSetVolume
DefDriverProc
joyGetPos
midiInAddBuffer
mixerGetID
midiOutGetNumDevs
midiInClose
waveOutGetDevCapsW
mixerSetControlDetails
waveInOpen
mciSetYieldProc
timeGetTime
SendDriverMessage
midiOutReset
midiStreamPosition
midiStreamClose
mixerGetLineControlsW
mixerGetControlDetailsA
mmioClose
midiInStart
mixerGetLineInfoA
PlaySoundA
timeBeginPeriod
mixerGetNumDevs
mixerClose
mmioOpenW
mmioDescend
midiOutPrepareHeader
timeKillEvent
midiOutGetID
timeSetEvent
mmioRenameW
mixerGetDevCapsA
mmioSetInfo
midiInGetDevCapsA

imagehlp

ImageDirectoryEntryToData
SymEnumerateSymbols
ImageNtHeader
SymSetOptions
ImageGetCertificateData
SymGetLineFromAddr
MapFileAndCheckSumW
ImagehlpApiVersionEx
BindImage
MakeSureDirectoryPathExists
SymGetModuleBase
UnDecorateSymbolName

mpr

WNetCloseEnum
MultinetGetConnectionPerformanceW
WNetUseConnectionW
WNetGetUserW
WNetOpenEnumA
WNetGetConnectionW
WNetAddConnectionW
WNetCancelConnectionA
WNetDisconnectDialog1W
WNetEnumResourceW

urlmon

MkParseDisplayNameEx
RegisterFormatEnumerator
URLDownloadToCacheFileA
HlinkNavigateMoniker
RevokeBindStatusCallback
HlinkGoForward
RegisterBindStatusCallback
CoInternetParseUrl

user32

ShowWindow
ModifyMenuA
MapVirtualKeyExW
GetDlgItemTextA
RemovePropA
LoadStringW
IsWindowEnabled
GetMenuItemCount
GetWindowLongA
SetForegroundWindow
SetClipboardData
RegisterWindowMessageA
LoadCursorA
AdjustWindowRect
PostMessageA
SetDlgItemInt
GetDlgItemTextW
GetKeyState
LoadImageA
GetCaretPos
AppendMenuW
SetRect
GetCapture
GetWindowTextA
ClientToScreen
MessageBeep
GetClipboardData
IsDlgButtonChecked
IsClipboardFormatAvailable
SetClassLongW
DrawIcon
VkKeyScanW
PeekMessageW
GetParent
CharUpperA
SetMenuDefaultItem
IsWindowVisible
CreateDialogIndirectParamA
SendInput
GetClipboardFormatNameW
DefFrameProcW
ValidateRect
SetScrollPos
SetCaretBlinkTime
CloseClipboard
CharNextW
CreateMenu
GetUserObjectInformationW
KillTimer
LockWindowUpdate
BringWindowToTop
GetSystemMetrics
GetKeyboardState
GetWindowModuleFileNameA
ScrollWindow
GetClassInfoW
IsCharAlphaW
FindWindowExW
SetWindowPos
GetDlgCtrlID
SetFocus
GetScrollRange
DrawTextW
IntersectRect
PostMessageW
GetDC
IsCharLowerA
SetActiveWindow
SendDlgItemMessageA
EnumDisplaySettingsW
WinHelpA
CopyAcceleratorTableW
GetSysColor
CharLowerA
TrackPopupMenu
CharToOemA
GetProcessWindowStation
GetWindow
DestroyMenu
CheckRadioButton
RemoveMenu
IsChild
GetSysColorBrush
TranslateAcceleratorA
LoadMenuW
SetCapture

rasapi32

RasDialW
RasDeleteEntryW
RasGetEntryDialParamsA
RasEnumEntriesA
RasCreatePhonebookEntryW
RasHangUpA
RasGetProjectionInfoA
RasEnumDevicesW
RasGetEntryPropertiesA
RasSetEntryPropertiesW
RasHangUpW
RasEnumEntriesW
RasEnumDevicesA
RasEditPhonebookEntryA
RasGetConnectStatusW
RasGetErrorStringA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2c017260c1c63f430929514d7cb701e

Headers

File Characteristics

Imports

gdi32

imm32

shlwapi

winmm

imagehlp

mpr

urlmon

user32

rasapi32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 472KB

.rsrc Size: 216KB - Virtual size: 212KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 472KB

.rsrc
Size: 216KB - Virtual size: 212KB