8f46d5d6829cf6e386d7b375045b0723_virlock_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f46d5d6829cf6e386d7b375045b0723_virlock_JC.exe
Size

2.2MB
MD5

8f46d5d6829cf6e386d7b375045b0723
SHA1

2daba407f2b5abe5c64b5de6a4872cd2e67d8529
SHA256

9c3ca2b8f2bc19bf64dfb0938e4201e32529f2dd8ef69b204a89a96620174ceb
SHA512

17d6c2c4d0535d5ec455e4d05a1a7e0cbe1dd6a1fe9484320c013cee8d96cabbb04e8da74a9088f35d0cb1c6c3f2d2258698d2c96917e59e298d1e501b402528
SSDEEP

49152:rpBp++OnO7+CyetncZZC8IKV4jYfC0CS:rpP8nY+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f46d5d6829cf6e386d7b375045b0723_virlock_JC.exe

Files

8f46d5d6829cf6e386d7b375045b0723_virlock_JC.exe
.exe windows x86

b67a2081432dd2c05435e74e8cc88497

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

user32

GetClipboardViewer
GetOpenClipboardWindow
GetKBCodePage

Sections

.text
Size: 892KB - Virtual size: 892KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE