Static task
static1
Behavioral task
behavioral1
Sample
VirusShare_934697165b36c88e4da0fbcf1ec6fb6a.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
VirusShare_934697165b36c88e4da0fbcf1ec6fb6a.exe
Resource
win10v2004-20240508-en
General
Target: VirusShare_934697165b36c88e4da0fbcf1ec6fb6a
Size: 432KB
MD5: 934697165b36c88e4da0fbcf1ec6fb6a
SHA1: a8d2014a6de8495998c6b200d73749fa4c4e3d36
SHA256: 5680f8237b52c8ed21ab86ab8ec12198b248ebbd4ed77e225cdb7fbe33755d64
SHA512: 1b8198da6d05b06650d698eca51c7f44179eb20ee8f3f4570943d11d3af8c3e088e4f2ece1e5e9557ba6ddfa8dca844bb3dd337d04d0302c7c32e9f4436a7b7d
SSDEEP: 6144:HksAO7v3XkwcpTxuAon5w4jGSJXX7Jdc99gL3GwLlyyY2d/T4jx5fcm:Hksd3XkdNuApPSlg9963WyYAT4jxhcm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare_934697165b36c88e4da0fbcf1ec6fb6a
Files
VirusShare_934697165b36c88e4da0fbcf1ec6fb6a.exe windows:5 windows x86 arch:x86
0302a22c773abb3cee13dcfae32df8f7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharToOemA
CharUpperBuffA
CharLowerA
CharLowerBuffA
AttachThreadInput
CallWindowProcW
CharLowerBuffW
CharPrevA
CreateWindowExA
DestroyWindow
DispatchMessageA
ExitWindowsEx
LoadStringA
MsgWaitForMultipleObjects
SetWindowLongA
TranslateMessage
MessageBoxA
GetKeyNameTextA
MapVirtualKeyA
CopyIcon
ScrollDC
DrawFrameControl
ActivateKeyboardLayout
InvalidateRgn
TrackMouseEvent
DestroyCaret
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
GetAsyncKeyState
UnregisterClassA
LoadBitmapA
LoadCursorA
SetCursor
GetSysColor
GetParent
DrawEdge
GetClientRect
InvalidateRect
SetRect
PtInRect
IsRectEmpty
SetRectEmpty
GetDlgCtrlID
SetWindowTextA
GetSubMenu
GetKeyboardType
UpdateWindow
RegisterClassExA
GetWindowLongA
GetMessageA
GetDlgItem
EnableWindow
FindWindowExA
CharToOemBuffA
SetWindowPos
GetWindow
GetSystemMetrics
GetCursor
InvertRect
ClientToScreen
CopyRect
WinHelpA
GetCapture
IsChild
SetWindowPlacement
SetScrollPos
GetScrollPos
GetScrollRange
SetScrollInfo
GetTabbedTextExtentA
DefWindowProcA
GetFocus
RegisterWindowMessageA
CallWindowProcA
MessageBeep
GetNextDlgGroupItem
RemoveMenu
LockWindowUpdate
GetDCEx
GetSysColorBrush
GetClassNameA
UnionRect
ClipCursor
CopyAcceleratorTableA
PostThreadMessageA
CreateMenu
SetCursorPos
WindowFromDC
InSendMessage
wvsprintfA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
IsClipboardFormatAvailable
IsZoomed
EndDialog
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetMenuStringA
SetMenu
TrackPopupMenu
CreateDialogIndirectParamA
OemToCharBuffA
RedrawWindow
ScrollWindow
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
CharNextA
ValidateRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
GetWindowTextA
IsWindowVisible
GetMenu
GetTopWindow
GetSystemMenu
SetParent
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
GetDesktopWindow
CharUpperA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
IsWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetMessagePos
GetCursorPos
GetScrollInfo
SendMessageA
ReleaseDC
FillRect
GetDC
SetActiveWindow
CheckMenuRadioItem
AppendMenuA
wsprintfA
EnumChildWindows
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
comdlg32
ReplaceTextA
FindTextA
ChooseFontA
ChooseColorA
PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA
GetOpenFileNameA
shell32
SHChangeNotify
SHGetFileInfoW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetFolderPathW
ShellExecuteA
ShellExecuteW
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ole32
CoGetClassObject
StringFromCLSID
CoDisconnectObject
OleRegEnumVerbs
OleRegGetUserType
CoFreeUnusedLibraries
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoTaskMemAlloc
OleDuplicateData
CreateBindCtx
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
WriteClassStm
OleUninitialize
CreateDataAdviseHolder
CreateOleAdviseHolder
RevokeDragDrop
OleSaveToStream
CreateFileMoniker
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleIsRunning
OleRun
CreateItemMoniker
WriteClassStg
CoCreateInstance
CreateGenericComposite
CoInitialize
CoUninitialize
OleInitialize
FreePropVariantArray
GetRunningObjectTable
OleRegGetMiscStatus
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoRegisterClassObject
OleGetClipboard
CoGetMalloc
advapi32
RegOpenKeyExW
GetUserNameA
GetSidIdentifierAuthority
GetSecurityDescriptorOwner
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
CheckTokenMembership
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
LookupPrivilegeValueW
DecryptFileW
AllocateAndInitializeSid
EqualSid
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegFlushKey
RegDeleteValueA
RegCreateKeyExA
OpenThreadToken
GetTokenInformation
FreeSid
GetUserNameW
comctl32
ImageList_Write
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Read
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_DragMove
ord17
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Add
ImageList_AddMasked
PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_Create
ImageList_Destroy
_TrackMouseEvent
ImageList_GetImageCount
ImageList_DragLeave
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
winmm
PlaySoundA
kernel32
GetFileTime
GetCurrentThread
lstrlenW
GetCurrentDirectoryA
SetThreadPriority
GetProfileIntA
SuspendThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
DeleteCriticalSection
SetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LocalAlloc
GetStringTypeExA
GetShortPathNameA
GetThreadLocale
FindClose
GetVolumeInformationA
FindFirstFileA
UnlockFile
MoveFileA
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
GlobalDeleteAtom
GetModuleHandleA
TerminateThread
WriteProfileStringA
GetVersionExA
lstrlenA
ResumeThread
GetProfileStringA
GetTempFileNameA
SetEvent
GetWindowsDirectoryA
GetFileAttributesA
GetFullPathNameA
GetDiskFreeSpaceA
CreateEventA
CopyFileA
GlobalFree
GetExitCodeThread
ReadFile
GlobalLock
GlobalUnlock
GetFileSize
GlobalAlloc
FindResourceExA
VirtualProtect
GetSystemTimeAsFileTime
FindResourceA
GetTickCount
Sleep
lstrcatA
FormatMessageA
LocalFree
GetSystemDirectoryA
lstrcmpA
lstrcmpiA
CreateProcessA
WaitForSingleObject
lstrcpynA
GetVersion
WriteFile
TlsSetValue
GetACP
lstrcpyA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
LoadLibraryA
CreateFileA
MulDiv
FreeLibrary
GetProcAddress
DeleteFileA
GetModuleFileNameA
GetTempPathA
CreateDirectoryA
EnumCalendarInfoA
FileTimeToDosDateTime
FindNextFileA
FreeResource
GetCurrentProcessId
GetDateFormatA
GetLocaleInfoA
SetFileTime
FileTimeToLocalFileTime
TlsAlloc
FileTimeToSystemTime
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
CloseHandle
TlsGetValue
GetProcessHeap
GetSystemInfo
GlobalMemoryStatus
IsValidCodePage
LoadLibraryExA
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
ResetEvent
SetConsoleCtrlHandler
SetThreadLocale
VirtualQuery
RemoveDirectoryA
IsDBCSLeadByte
GetUserDefaultLangID
GetSystemDefaultLCID
GetExitCodeProcess
FormatMessageW
GetDriveTypeW
CreateEventW
GetVersionExW
LoadLibraryExW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetLocaleInfoW
GetEnvironmentVariableW
GetCommandLineW
CreateDirectoryW
RemoveDirectoryW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
GetCurrentDirectoryW
GetDiskFreeSpaceExW
GetFullPathNameW
CopyFileW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
LoadLibraryW
CreateFileW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
SetFilePointerEx
FindResourceExW
CreateMutexW
ReleaseMutex
GetUserDefaultLCID
GetSystemDefaultLangID
SetCurrentDirectoryW
GetModuleFileNameW
FindResourceW
GetProcessVersion
GetCPInfo
GlobalFlags
LocalFileTimeToFileTime
SystemTimeToFileTime
GetOEMCP
SetErrorMode
lstrcpyW
RtlUnwind
GlobalSize
HeapAlloc
GetTimeZoneInformation
HeapFree
GetLocalTime
GetStartupInfoA
GetSystemTime
ExitProcess
RaiseException
GetCommandLineA
ExitThread
HeapReAlloc
CreateThread
SetStdHandle
GetFileType
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapSize
VirtualFree
VirtualAlloc
HeapCreate
FatalAppExitA
LCMapStringA
IsBadWritePtr
SetHandleCount
GetStdHandle
LCMapStringW
CompareStringW
UnhandledExceptionFilter
CompareStringA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeA
GetStringTypeW
GetEnvironmentStringsW
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
SetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
IsDebuggerPresent
GetModuleHandleW
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLastError
Sections
.rdata Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 203KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ