Static task
static1
Behavioral task
behavioral1
Sample
6343bb6570bdea7f0e829312cf5829defa9eb69238fefa6c272650e1e5219a86.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6343bb6570bdea7f0e829312cf5829defa9eb69238fefa6c272650e1e5219a86.exe
Resource
win10-20240611-en
General
Target: VirusShare_f112eb122755cdd12d13759b1639afee.zip
Size: 966KB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/6343bb6570bdea7f0e829312cf5829defa9eb69238fefa6c272650e1e5219a86
Files
VirusShare_f112eb122755cdd12d13759b1639afee.zip.zip
Password: infected
6343bb6570bdea7f0e829312cf5829defa9eb69238fefa6c272650e1e5219a86.exe windows:6 windows x86 arch:x86
72744baeffdde9f97c751d40e8d59e0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LoadImageW
PostMessageW
SetWindowPos
EndDialog
GetDlgItemTextA
MessageBoxA
wsprintfW
SystemParametersInfoW
DialogBoxParamW
FindWindowA
MessageBoxW
gdi32
GetObjectW
DeleteObject
GetBitmapBits
kernel32
WriteConsoleW
GetProcessHeap
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
HeapSize
HeapReAlloc
GetStringTypeW
TlsSetValue
FindFirstFileW
FindNextFileW
WriteFile
WaitForMultipleObjects
FindClose
CreateFileW
GetSystemDirectoryW
Sleep
CloseHandle
CreateThread
GetModuleHandleW
GetDriveTypeW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
GetOEMCP
RaiseException
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
DecodePointer
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
SetEndOfFile
SetFilePointerEx
DeleteFileW
ReadFile
GetConsoleMode
ReadConsoleW
GetFileType
GetConsoleOutputCP
ExitProcess
GetModuleHandleExW
QueryPerformanceFrequency
GetStdHandle
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
SetStdHandle
HeapAlloc
HeapFree
MultiByteToWideChar
CompareStringW
LCMapStringW
WideCharToMultiByte
GetFileSizeEx
FindFirstFileExW
IsValidCodePage
GetACP
Sections
.text Size: 120KB - Virtual size: 119KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7.5MB - Virtual size: 7.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ