692cda672d4c909a44a23fae44ea3fdd_virlock_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

692cda672d4c909a44a23fae44ea3fdd_virlock_JC.exe
Size

1.9MB
MD5

692cda672d4c909a44a23fae44ea3fdd
SHA1

157c366182216899681f779485edbc92acac1c35
SHA256

eac1c922750e28e20b2d7c4b2ad5eebb255bbcdd2e4905feb065904d5be6a7d7
SHA512

175effc1130a184ea46ecd10ab5a568d5fa9f01ebfe3602ed70b7054cb6eda9277b5f05dccf7dcdcc174624f4caf077cd1d524fb8e5de7c5b77188a216824d35
SSDEEP

24576:m0GKmuNJXPkWR9hYUV3XiLnXl3XQ8XWWU0qFwUrn4pUGJr9EbzLOygmwn91VTMJ:8KmuVbfCLnXZQKWWAPrKxG2ypwn9rQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
692cda672d4c909a44a23fae44ea3fdd_virlock_JC.exe

Files

692cda672d4c909a44a23fae44ea3fdd_virlock_JC.exe
.exe windows x86

8ff1843ce2a778869c8574a7fc35ff89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetSystemDefaultUILanguage
VirtualAlloc

user32

GetCapture

Sections

.text
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE