VirusShare_6f7abbc706baecf6e86cde729475dc7d

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_6f7abbc706baecf6e86cde729475dc7d
Size

604KB
MD5

6f7abbc706baecf6e86cde729475dc7d
SHA1

00a55e2ae828f928770fdd1c59da361198fba382
SHA256

85e3772d5502b9f5251843b3884788ab6c4d44af761900c787d36e1d5586244c
SHA512

70b80ff7efeac45dc3cbaeb5b5a3b4f774dd3f61c08801fe43c5a086e8372ba199ea9f676ab3ceb9dd4d5332ebd5db79616460496632da831a51b21753f61092
SSDEEP

12288:PsEXei41jA1WnzVSxq5p1qHVXACWOEogk3pmIc5A1WnzVSxq5p1qH:PsEX341jA1wBSggHlpp3r0A1wBSggH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_6f7abbc706baecf6e86cde729475dc7d

Files

VirusShare_6f7abbc706baecf6e86cde729475dc7d
.exe windows:4 windows x86 arch:x86

e560a18d2bcb4314d3f1c7b4c61c9dd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetProjectionInfoA

msvcrt

_adjust_fdiv
_setmbcp
_eof
_osver
fputwc
__dllonexit
_onexit
time
_controlfp
__badioinfo
__set_app_type
__p__fmode
__p__commode
_acmdln
__setusermatherr
_initterm
__getmainargs
_wfindnext

advapi32

FreeSid
RegisterServiceCtrlHandlerW
GetSidSubAuthority
QueryServiceLockStatusW
SetFileSecurityA
LookupPrivilegeValueW
QueryServiceConfigA
RegSetValueExA
LogonUserA
EnumDependentServicesW
RegSetValueExW
SetServiceObjectSecurity
RegSetKeySecurity
InitiateSystemShutdownA
GetUserNameW
EncryptFileW
AllocateAndInitializeSid
RegSetValueA
SetKernelObjectSecurity
GetSidSubAuthorityCount
GetSidLengthRequired
RegEnumKeyExA
RegFlushKey
LookupAccountNameW
GetLengthSid
OpenSCManagerA
AddAccessAllowedAce
ControlService
RegReplaceKeyA
GetSidIdentifierAuthority
GetEffectiveRightsFromAclW
LockServiceDatabase
LsaFreeMemory
GetKernelObjectSecurity
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
ChangeServiceConfigW
CreateProcessAsUserW
OpenProcessToken
StartServiceA
DecryptFileW
ReportEventW
LookupPrivilegeValueA
RegOverridePredefKey
LsaRetrievePrivateData
LookupAccountNameA

user32

EnableWindow
LoadIconA
GetSystemMetrics
DrawIcon
IsIconic
GetClientRect
SendMessageA

imm32

ImmDestroyContext
ImmGetContext
ImmGetCompositionWindow
ImmGetRegisterWordStyleA
ImmGetProperty
ImmNotifyIME
ImmGetOpenStatus
ImmGetDefaultIMEWnd
ImmSetStatusWindowPos
ImmSetOpenStatus
ImmSetConversionStatus

kernel32

GetModuleHandleA
GetStartupInfoA

mfc42

ord5261
ord1041
ord1035
ord1053
ord4627
ord6376
ord2055
ord1053
ord4441
ord4837
ord3798
ord5280
ord1727
ord4425
ord1023
ord324
ord4234
ord4710
ord1168
ord1051
ord755
ord470
ord1046
ord1576
ord5065
ord4353
ord3749
ord1046
ord4274
ord6375
ord4486
ord2554
ord1039
ord5731
ord3922
ord1089
ord1086
ord2396
ord3346
ord1009
ord5302
ord2725
ord1070
ord4698
ord5307
ord1082
ord5714
ord2982
ord1054
ord3259
ord4465
ord1004
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord1019
ord4424
ord3738
ord561
ord815
ord2514
ord641
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord1066
ord2385
ord5163
ord6374

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e560a18d2bcb4314d3f1c7b4c61c9dd9

Headers

File Characteristics

Imports

rasapi32

msvcrt

advapi32

user32

imm32

kernel32

mfc42

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 3.0MB

.rsrc Size: 204KB - Virtual size: 200KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 3.0MB

.rsrc
Size: 204KB - Virtual size: 200KB