VirusShare_41fb9932be35e9e5ea61d74f8517c748

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_41fb9932be35e9e5ea61d74f8517c748
Size

222KB
MD5

41fb9932be35e9e5ea61d74f8517c748
SHA1

69330b95b02db41a23198f164af47a151556e863
SHA256

e0aea54912d5f4e793d03303151a5d83b2d9c818b5ce8fa6ea3f609a3273114e
SHA512

c46c433a4cd5bd52ccf23a0d9ff705d1a8eaa123adae5b71f6f9a18a13281850af954850a074c45157dad352b0cce27b3ef6ac905d603344d3e4d86cd0b3aebc
SSDEEP

6144:FiIqk2kmqtVqu1S0IaQsG8c6Ty9Av4DObk:FLqzkvBSJ+G8XySgaI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_41fb9932be35e9e5ea61d74f8517c748

Files

VirusShare_41fb9932be35e9e5ea61d74f8517c748
.exe windows:4 windows x86 arch:x86

e369f2b92e7b7770c06c3d60677f13bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

qlq32yasm5luw7

Imports

shell32

ExtractIconW
SHQueryRecycleBinW
DragQueryFileA

oleaut32

VarR4FromDec

clusapi

ClusterNodeControl
ClusterNetworkCloseEnum

kernel32

LocalAlloc
RaiseException
TlsGetValue
GetCurrentThread
GetThreadPriority
GetTickCount
HeapAlloc
GetFileTime
SetLocaleInfoA
EncodeSystemPointer
EnumTimeFormatsW
ReadConsoleOutputW
GetPrivateProfileSectionNamesW
lstrcpyA
HeapLock
GetNumberOfConsoleInputEvents
SetComputerNameA
SetThreadPriorityBoost
SetCalendarInfoW
CreateNamedPipeW
GlobalHandle
CancelTimerQueueTimer
DebugBreakProcess
WTSGetActiveConsoleSessionId
CreateSemaphoreA
MapViewOfFile
QueryPerformanceCounter
GetProfileStringW
WriteConsoleOutputCharacterA
OpenEventW
CreateThread
DebugBreak
SetFileApisToOEM
SetFileAttributesA
TzSpecificLocalTimeToSystemTime
GetComputerNameExA
GetPrivateProfileStringA
ExitProcess
DecodeSystemPointer
GetCommMask
UnlockFile
GetCommandLineA
GetVersionExA
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
SetStdHandle
GetConsoleCP
GetConsoleMode
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
Sleep
VirtualAlloc
HeapReAlloc
RtlUnwind
SetFilePointer
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetLocaleInfoW
VirtualProtect
GetSystemInfo
VirtualQuery
ReadFile
CreateFileA
CloseHandle

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

f5cD
Size: 1024B - Virtual size: 698B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crk2
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yIkyo
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

f5cD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

usj
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t9
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e369f2b92e7b7770c06c3d60677f13bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

oleaut32

clusapi

kernel32

Sections

.text Size: 76KB - Virtual size: 75KB

f5cD Size: 1024B - Virtual size: 698B

.crk2 Size: 4KB - Virtual size: 11KB

yIkyo Size: 62KB - Virtual size: 61KB

f5cD Size: 1KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 13KB

usj Size: 7KB - Virtual size: 7KB

t9 Size: 39KB - Virtual size: 39KB

.rsrc Size: 15KB - Virtual size: 319KB

.text
Size: 76KB - Virtual size: 75KB

f5cD
Size: 1024B - Virtual size: 698B

.crk2
Size: 4KB - Virtual size: 11KB

yIkyo
Size: 62KB - Virtual size: 61KB

f5cD
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 13KB

usj
Size: 7KB - Virtual size: 7KB

t9
Size: 39KB - Virtual size: 39KB

.rsrc
Size: 15KB - Virtual size: 319KB