VirusShare-00428a3412ac223f94bbe0efdfa02e64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-00428a3412ac223f94bbe0efdfa02e64
Size

237KB
MD5

00428a3412ac223f94bbe0efdfa02e64
SHA1

8edb6a17197ac310a52a9850ca7a144b5d28ca9e
SHA256

bbdbb469fd768cd9330dfd7bb01f3368e7b567e7b8bd8f66375b15cc35c729bc
SHA512

8235ee054676f637c647ec0e79270787cb86c45dc50a79290cda6649876f34180caf6c9f314d82dec4ec88502651588cec9d98008c219e4e31b07553ce892fab
SSDEEP

6144:qBAgW6PgWowLVlRC+biPQGnNBoIXJfTk7/:qBUejowLfkhPDNJ5rkb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-00428a3412ac223f94bbe0efdfa02e64

Files

VirusShare-00428a3412ac223f94bbe0efdfa02e64
.exe windows:4 windows x86 arch:x86

037ed33097aed7f84bfed5ec45738fe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
HeapCreate
GlobalFree
GlobalAlloc
HeapDestroy
LocalAlloc
FindFirstFileA
FindNextFileW
GetCurrentProcess
MultiByteToWideChar
LoadLibraryA
lstrlenA
ReleaseMutex
GetSystemDirectoryA
GlobalUnlock
GetStdHandle
GetStringTypeW
WriteConsoleW

msvcrt

__mb_cur_max
_pctype
??2@YAPAXI@Z
_iob
strchr
_initterm
_errno
free
??3@YAXPAX@Z
__wgetmainargs
memmove
_XcptFilter
printf
_except_handler3
_acmdln
__winitenv
_strnicmp
__setusermatherr
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
__getmainargs
fopen
wcslen
toupper
__set_app_type
fputs
atoi
__p__fmode

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ