VirusShare_05f298e4e3f414b50d0a2f5c208046f0

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_05f298e4e3f414b50d0a2f5c208046f0
Size

97KB
MD5

05f298e4e3f414b50d0a2f5c208046f0
SHA1

2dcba00628a5a77102874a3e98b42be839af3a09
SHA256

619f2076e438b6a2979a2043f5bdc4cbf461661bf1909c07646ad7382abc4aa2
SHA512

a6c744959d63e4859f0289f40a08e094da4535925fcfb96542ff265d015b7ea14284b5fd252e45aadac5d73fde600c8091e7a08b5144e15fd98fc316cf2d6212
SSDEEP

1536:UPkP2oTrQAlPbhf4esGzqdOPCOo78piYwhOwdJ1gLRuymzMffpT8iRe:IiQA9hQEIACOo78piThbdgR9mOfRFR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_05f298e4e3f414b50d0a2f5c208046f0

Files

VirusShare_05f298e4e3f414b50d0a2f5c208046f0
.exe windows:4 windows x86 arch:x86

d1f43ec2b7a7a31a4c1f4393df4550fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ClearEventLogW
RegQueryValueA
AccessCheck
RegSetValueExA

kernel32

HeapSize
GetUserDefaultLangID
GlobalLock
GlobalMemoryStatus
LocalFree
VirtualUnlock
GlobalAlloc
HeapLock
DeleteCriticalSection
HeapAlloc
WritePrivateProfileSectionA
GetModuleHandleA
GetProcAddress
GetEnvironmentStrings
GetCurrentProcessId
GetExitCodeThread
GetStdHandle
ResumeThread
GetHandleInformation
FreeEnvironmentStringsA
GetModuleFileNameA
VirtualAlloc
CreateSemaphoreA
GetLastError
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
SetFilePointer
WriteFile
ReadFile
InitializeCriticalSection
FlushFileBuffers
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapReAlloc
SetStdHandle
CloseHandle
CreateFileA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

winspool.drv

AbortPrinter
DeletePrinterDataA
EnumPrinterDriversA
EnumJobsA
DeletePrinterConnectionA
GetJobW

netapi32

NetGetDCName
NetFileEnum

uxtheme

GetThemeBackgroundExtent

wsnmp32

ord903

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f43ec2b7a7a31a4c1f4393df4550fe

Headers

File Characteristics

Imports

advapi32

kernel32

winspool.drv

netapi32

uxtheme

wsnmp32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 3KB - Virtual size: 13KB

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 3KB - Virtual size: 13KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 4KB - Virtual size: 3KB