7b83a7e132f224b019734f1f743d68c2_virlock_JC[.]exe | Triage

Sharing

General

Target

7b83a7e132f224b019734f1f743d68c2_virlock_JC.exe
Size

725KB
MD5

7b83a7e132f224b019734f1f743d68c2
SHA1

156a5a8c55b08117901b863f0d22083603a24953
SHA256

235dc49863110956e72dbc535c19d4380b52eb213b8168105b3a522ecdbba8bd
SHA512

ffa3109fbd082e36768c5055c0da3b083a33191f24179c52fddf7a0be88d43014a1a2e288a1a577a45bafc53767a0fb4d125f5b190338cd3a2c07603eb6a2c4a
SSDEEP

12288:ieP13CihyQOvX9XTSScmec7mY+N9I5PpUwU9XlIBnOvPSerlnJTDs:73BrYXNSgmpN9I5PpUzSeRnFY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b83a7e132f224b019734f1f743d68c2_virlock_JC.exe

Files

7b83a7e132f224b019734f1f743d68c2_virlock_JC.exe
.exe windows x86

2a24b55daf9eef82dfd20646e07d8935

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetVersion
GetConsoleWindow
GetDateFormatW

oleaut32

VarR4FromUI4
SafeArraySetRecordInfo

ole32

CoEnableCallCancellation

user32

ScreenToClient

ws2_32

WSAProviderConfigChange

Sections

.text
Size: 716KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE