5e1e988dfdef093c6678fdfbeacf1a55_virlock_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e1e988dfdef093c6678fdfbeacf1a55_virlock_JC.exe
Size

2.0MB
MD5

5e1e988dfdef093c6678fdfbeacf1a55
SHA1

159e41755f1b1b0cb7a3a1605a8a75177248bedf
SHA256

26c7ce7313160b72184f494ce3bbbb0f6688be0b5c05a0844363a153048d6ab0
SHA512

4eecbdd6953e369ef0908cb3248611802f655a599f3a4efb2711113680107c8fa64c188cc1c8415d0a24e1f2a91a633726c9acd6711f31748120bfd7958bb0fb
SSDEEP

24576:ovdjgNuY6iqWyMWCWb+2fMYPfXRk+fk474To1f15wlC2VycquH/DO/OBMxKS7VC:ovdjGBGWRbyPfFk4sTY2VQC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e1e988dfdef093c6678fdfbeacf1a55_virlock_JC.exe

Files

5e1e988dfdef093c6678fdfbeacf1a55_virlock_JC.exe
.exe windows x86

f0da5a57b6534b42b564ed56d2128b71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
GetCurrentProcess
VirtualAlloc

user32

GetDesktopWindow

Sections

.text
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE