c:\Be\Internet.pdb
Static task
static1
Behavioral task
behavioral1
Sample
VirusShare_1b266f23cab5ae881ca35344e86c3ef0.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
VirusShare_1b266f23cab5ae881ca35344e86c3ef0.dll
Resource
win10v2004-20240426-en
General
Target: VirusShare_1b266f23cab5ae881ca35344e86c3ef0
Size: 148KB
MD5: 1b266f23cab5ae881ca35344e86c3ef0
SHA1: 02fd7e7c00c2bea42541ff3043641a4e655d7299
SHA256: a650c4357227b0fd8ba6cd6dc3a9fb0b53812ee8caa79544f419add2b653bdfb
SHA512: 54c5e5418eecb6cb2ad213287cd9211f3cde6cd72b75ec50c499c7f27ec3a737f2ff4c8876359001317f1d8de507a5a24855aba78b0728493b2680b319d6435a
SSDEEP: 3072:IjlVttNwkVCmq+UyCcGuCu/YFzH5h95OEbzk:IJVDNFCuCmLYFzvPOEU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource VirusShare_1b266f23cab5ae881ca35344e86c3ef0
Files
VirusShare_1b266f23cab5ae881ca35344e86c3ef0.dll windows:4 windows x86 arch:x86
c942c5e5dffeb969430d176a0dd33ddf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
ExpandEnvironmentStringsW
GetVersionExW
FindFirstFileW
lstrcpynW
GetFileAttributesW
GetCommandLineW
LocalAlloc
LocalFree
VerSetConditionMask
VerifyVersionInfoW
GetModuleHandleW
MultiByteToWideChar
GetStdHandle
GetFileType
WriteConsoleW
SetLastError
GetConsoleOutputCP
HeapReAlloc
VirtualFree
GetStringTypeW
VirtualQuery
GetSystemInfo
VirtualProtect
SetErrorMode
LCMapStringW
GetLastError
WideCharToMultiByte
LCMapStringA
QueryPerformanceCounter
GetModuleHandleA
GlobalAddAtomA
SetThreadContext
GetThreadContext
WaitForDebugEvent
ContinueDebugEvent
WaitForSingleObject
OpenFile
GetProcessHeap
HeapAlloc
DisableThreadLibraryCalls
OpenProcess
CloseHandle
ReadProcessMemory
lstrcmpiW
FreeLibrary
LeaveCriticalSection
MapViewOfFile
OpenMutexW
OpenEventW
EnterCriticalSection
UnmapViewOfFile
SetEvent
InterlockedIncrement
IsBadReadPtr
ReleaseMutex
InterlockedDecrement
MulDiv
WaitForMultipleObjects
InitializeCriticalSection
CreateFileW
SetFilePointer
ReadFile
GlobalFree
GlobalUnlock
GetProfileStringW
lstrcpyW
GetCurrentDirectoryW
Sleep
ExitThread
user32
SetWindowLongW
GetParent
RegisterClassW
GetWindow
EnumChildWindows
EndDialog
IsDlgButtonChecked
InvalidateRect
SetFocus
GetDC
ExitWindowsEx
LoadStringW
GetWindowThreadProcessId
FindWindowExA
ShowWindow
FillRect
EndPaint
IsWindowVisible
DefWindowProcW
DialogBoxParamW
GetActiveWindow
DestroyWindow
WinHelpW
GetWindowLongW
CreateWindowExW
GetDlgCtrlID
ChildWindowFromPointEx
GetSystemMetrics
SetWindowTextW
GetWindowRect
GetWindowTextW
ReleaseDC
SetActiveWindow
SetCursor
LoadCursorW
EndDeferWindowPos
BeginDeferWindowPos
SetDlgItemTextW
GetClientRect
EnableWindow
ClientToScreen
SetClassLongW
CheckDlgButton
DeferWindowPos
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
InitializeAcl
AddAuditAccessAceEx
AddAccessDeniedAceEx
GetSecurityDescriptorSacl
CopySid
GetSidLengthRequired
GetSidSubAuthorityCount
FreeSid
AllocateAndInitializeSid
ChangeServiceConfigW
CloseServiceHandle
CreateServiceW
OpenServiceW
OpenSCManagerW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegSetKeySecurity
RegCreateKeyExW
ChangeServiceConfig2W
SetSecurityDescriptorSacl
msvcrt
vswprintf
fwprintf
setlocale
exit
wcstok
wcslen
wcscpy
malloc
free
winmm
DefDriverProc
Exports
AnyAccesses
DirectlyWithoutServerTheTo
InstancesSoftware
OtherwiseOrDoOrAdminister
YouToInstancesIdentified
Sections
.text Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 874B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ