VirusShare_9aca5f20b397ea8f429decbafd177ffc

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_9aca5f20b397ea8f429decbafd177ffc
Size

309KB
MD5

9aca5f20b397ea8f429decbafd177ffc
SHA1

287fba6e52821ff4afff9da109006f82936a4af0
SHA256

bd63fd3f070b0d9f7b6c694fe096da5dddf60fe28e5182a76e8d14dc000e81dc
SHA512

dc4b57810bc385affc79904c8982eba066611519caccfb5ab6d19f18e7f14206a752b6b3c775c76c28d2aa0fcbbffe15c338048ec4b37d5ba7c4bdb06952ba42
SSDEEP

6144:J/HgOTMr2rSBq+SPKLQliP4vBTbznzg0RIk:aOTMKr1mq20RD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_9aca5f20b397ea8f429decbafd177ffc

Files

VirusShare_9aca5f20b397ea8f429decbafd177ffc
.exe windows:4 windows x86 arch:x86

0318d07cd95ecb31faf680a1b20eda9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetAddConnectionW
MultinetGetConnectionPerformanceA

advapi32

OpenSCManagerW
BuildTrusteeWithNameA
LsaQueryTrustedDomainInfoByName
EnumDependentServicesW
GetNamedSecurityInfoW
MapGenericMask
RegCreateKeyExA
ReadEventLogW
ObjectCloseAuditAlarmW
BuildImpersonateTrusteeA
RegDeleteKeyA
SetFileSecurityA
QueryServiceLockStatusA
RegRestoreKeyW
GetSecurityDescriptorControl
RegSetValueExA
GetNamedSecurityInfoA
LookupSecurityDescriptorPartsW
RegOpenKeyExW
RegisterEventSourceW
CreateServiceA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
FreeSid
LsaCreateTrustedDomainEx
GetAclInformation
GetSidSubAuthority
EnumServicesStatusA
CloseServiceHandle
AdjustTokenPrivileges
GetSecurityDescriptorOwner
AddAccessAllowedAce
SetServiceStatus
NotifyChangeEventLog
SetEntriesInAclW
EqualSid
RegisterEventSourceA
AreAnyAccessesGranted
RevertToSelf
OpenServiceA
OpenBackupEventLogA
BuildTrusteeWithSidA
QueryServiceLockStatusW
GetTrusteeFormA
GetExplicitEntriesFromAclA
RegNotifyChangeKeyValue
RegQueryValueExA
MakeSelfRelativeSD
LsaSetTrustedDomainInfoByName
GetAce
LsaAddAccountRights
GetSecurityDescriptorDacl
LsaRetrievePrivateData
LookupPrivilegeNameW
RegUnLoadKeyA
BackupEventLogA
LsaClose
LsaQueryTrustedDomainInfo
QueryServiceStatus
MakeAbsoluteSD
GetTokenInformation
LookupPrivilegeDisplayNameW
AddAuditAccessAce
RegDeleteKeyW
RegOverridePredefKey
RegisterServiceCtrlHandlerW
LogonUserW
OpenEventLogA
BackupEventLogW
ObjectOpenAuditAlarmW
IsValidSid
EqualPrefixSid
RegEnumKeyA
GetLengthSid
GetSecurityInfo
ReadEventLogA
SetKernelObjectSecurity
SetEntriesInAclA
RegReplaceKeyA
RegUnLoadKeyW
StartServiceA
RegDeleteValueW
LockServiceDatabase
AdjustTokenGroups
RegSetKeySecurity
GetServiceKeyNameA
AccessCheck
InitiateSystemShutdownW
PrivilegedServiceAuditAlarmW
GetOldestEventLogRecord
RegSetValueA
LsaOpenPolicy
StartServiceCtrlDispatcherW
QueryServiceConfigA
DeleteService
GetFileSecurityA
RegSetValueExW
RegCreateKeyW
GetExplicitEntriesFromAclW
RegisterServiceCtrlHandlerA
DeregisterEventSource
ReportEventA
RegConnectRegistryA
RegQueryValueW
RegQueryValueExW
IsTokenRestricted
BuildSecurityDescriptorW
CopySid
LookupAccountNameA
SetThreadToken
GetAuditedPermissionsFromAclW
LogonUserA
OpenProcessToken
RegReplaceKeyW
QueryServiceConfig2A
IsValidAcl
GetSidSubAuthorityCount
GetPrivateObjectSecurity
StartServiceCtrlDispatcherA
SetNamedSecurityInfoA
RegQueryInfoKeyW
ObjectCloseAuditAlarmA
GetNumberOfEventLogRecords
SetPrivateObjectSecurity
GetServiceDisplayNameW
LookupAccountNameW
SetSecurityDescriptorGroup
InitializeSecurityDescriptor
UnlockServiceDatabase
RegQueryMultipleValuesA
GetSidIdentifierAuthority
RegCloseKey
AbortSystemShutdownW
GetSecurityDescriptorSacl
LookupPrivilegeValueA
RegEnumValueW
CreatePrivateObjectSecurity
QueryServiceConfig2W
LsaNtStatusToWinError
CreateRestrictedToken
GetKernelObjectSecurity
BuildExplicitAccessWithNameW
SetServiceObjectSecurity
CreateProcessAsUserA
RegGetKeySecurity
OpenBackupEventLogW

kernel32

GetModuleHandleA
GetStartupInfoA
DeleteFileA
EnumResourceLanguagesA
GlobalCompact
EnumResourceNamesA
GetCPInfo

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_XcptFilter
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
__p__commode

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0318d07cd95ecb31faf680a1b20eda9f

Headers

File Characteristics

Imports

mpr

advapi32

kernel32

msvcrt

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2.0MB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2.0MB

.rsrc
Size: 20KB - Virtual size: 19KB