20230429eb9579b8efcc9815f8646034de7c7b52virlock[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20230429eb9579b8efcc9815f8646034de7c7b52virlock.bin
Size

2.0MB
MD5

eb9579b8efcc9815f8646034de7c7b52
SHA1

a3bbc9da1216f3e625135f3ea2841501af554e0b
SHA256

9d46fa4a4fefbfb19e86a951893281155eb87d0368f9f404f73de02003aa5a35
SHA512

6c411a19aab9f6f5a468cf2147c3cafe29fc20da3bb3adcc8fce46f3d8284a706b3bf2f9534c1b82b19b2b930e0e0d3bdf7957fc29225f769ad67efdb9396f52
SSDEEP

49152:p4GsVTHoFmiwqfIXz99ElS2KuiKNw35uqHMGXLqd4y7lzTMeEz:Stbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20230429eb9579b8efcc9815f8646034de7c7b52virlock.bin

Files

20230429eb9579b8efcc9815f8646034de7c7b52virlock.bin
.exe windows x86

3244ca32ae47ea55b9c6e90f29b5b2c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualAlloc

user32

GetDesktopWindow
GetForegroundWindow

Sections

.text
Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE