VirusShare_49f12a7b358c7f7cba005610210418aa

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_49f12a7b358c7f7cba005610210418aa
Size

792KB
MD5

49f12a7b358c7f7cba005610210418aa
SHA1

3b2a6dc3ad4846bb2e642b8063102ce0bba4c039
SHA256

aa2a2d55915d08571e7304b2033ed90bc29f1b162da7e2722d4ffabcd6e3477f
SHA512

b1f72e5e2a7906318092c382738ca8ae39dba18a702423b3a313aef0485624dd3749b57a442185daf3807449285e45dfdf7377e2385b66001c779e1abfadf683
SSDEEP

12288:0Y3BVp90KspY7Hh3o9AfRZLRBYNsu6RJD6n+:5Km3oCrRBYNsuMJx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_49f12a7b358c7f7cba005610210418aa

Files

VirusShare_49f12a7b358c7f7cba005610210418aa
.exe windows:5 windows x86 arch:x86

e6fdb9f79fc26028024db93ccd467927

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
EncodePointer
WriteFile
DeleteFileW
DeleteCriticalSection
DecodePointer
DebugBreak
CreateFileW
CopyFileW
CompareStringW
CloseHandle
GetProcAddress
WaitForMultipleObjects
GetVersion
GetCommandLineW
GetProcessHeap
HeapAlloc
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetDriveTypeW
GetFileAttributesW
lstrlenA
LoadLibraryA
GlobalAlloc
lstrlenW
GetDriveTypeA
GetLastError
GetStartupInfoA
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
SetConsoleCursorPosition
RtlUnwind
ReadFile
ReadConsoleOutputCharacterA
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
MultiByteToWideChar
MulDiv
MoveFileW
LocalFree
LocalAlloc
LeaveCriticalSection
LCMapStringW
IsValidLocale
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
IsBadStringPtrA
IsBadReadPtr
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapSetInformation
HeapReAlloc
HeapFree
HeapCreate
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
GetVersionExW
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetOEMCP
GetModuleFileNameW
GetLocaleInfoW
GetLocaleInfoA
GetFullPathNameW
GetFileType
GetFileTime
GetEnvironmentVariableW
GetEnvironmentStringsW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleScreenBufferInfo
GetConsoleMode
GetConsoleCP
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeConsole
FormatMessageW
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
FillConsoleOutputCharacterW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
ExitProcess
EnumSystemLocalesA
VirtualAlloc
EnterCriticalSection
GetFileAttributesA
GetCommandLineA
WriteConsoleW

user32

GetParent
CharNextA
ShowWindow
GetKeyboardType
GetWindowRect
GetSystemMetrics
CharUpperW
CharLowerW
UpdateWindow
DestroyIcon
LoadBitmapW
LoadBitmapA
IsWindowVisible
GetDlgItem
GetSysColor
GetKeyState
DestroyWindow
CharLowerA
LoadStringW
MessageBoxA
SetWindowPos
GetDC
CharNextW
CharUpperA
IsWindow

gdi32

StretchBlt
StartPage
StartDocW
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetPixel
SetMapMode
SetBrushOrgEx
SetBkColor
SetAbortProc
SelectPalette
SelectClipRgn
RoundRect
RestoreDC
Rectangle
RectInRegion
RealizePalette
PtInRegion
Polyline
Polygon
PolyPolygon
PolyBezier
PlayEnhMetaFile
Pie
OffsetRgn
MoveToEx
MaskBlt
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentExPointW
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetRegionData
GetPixel
GetPaletteEntries
GetOutlineTextMetricsW
GetObjectW
GetNearestPaletteIndex
GetEnhMetaFileHeader
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetClipBox
GetCharABCWidthsW
GetBkColor
GdiFlush
ExtTextOutW
ExtSelectClipRgn
ExtFloodFill
ExtCreateRegion
ExtCreatePen
ExcludeClipRect
EqualRgn
EnumFontFamiliesExW
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateHatchBrush
CreateFontIndirectW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleBitmap
CreateBitmap
CombineRgn
CloseEnhMetaFile
BitBlt
Arc
GetEnhMetaFileW
DeleteDC
SetTextColor
AddFontResourceW
GetEnhMetaFileA
AddFontResourceA
SaveDC
CreateCompatibleDC
SelectObject
SetTextAlign
CreateMetaFileW
CreateMetaFileA
SetBkMode
StretchDIBits

comdlg32

PageSetupDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
ChooseFontW
PrintDlgW
CommDlgExtendedError

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ExtractIconW
ExtractIconExW

ole32

ReleaseStgMedium
RegisterDragDrop
OleUninitialize
OleSetClipboard
OleIsCurrentClipboard
RevokeDragDrop
OleGetClipboard
OleFlushClipboard
CoTaskMemAlloc
CoLockObjectExternal
CoCreateInstance
OleInitialize

oleaut32

SysReAllocStringLen
SysFreeString
SysAllocStringLen

comctl32

ImageList_DragEnter
ImageList_Draw
ImageList_EndDrag
ImageList_Add
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Create

winmm

timeGetTime

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggg
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6fdb9f79fc26028024db93ccd467927

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 17KB

ggg Size: 619KB - Virtual size: 618KB

.rsrc Size: 50KB - Virtual size: 50KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 17KB

ggg
Size: 619KB - Virtual size: 618KB

.rsrc
Size: 50KB - Virtual size: 50KB