VirusShare-000fd0d85973e82848a3da78cef7595f | Triage

Sharing

General

Target

VirusShare-000fd0d85973e82848a3da78cef7595f
Size

109KB
MD5

000fd0d85973e82848a3da78cef7595f
SHA1

d3322060e3d06924de6a356734a6b4e2e61a1b7e
SHA256

d9280cb102aec44b36fe943412b2a3423386e7a3cb66f66ad30102e07462ee3e
SHA512

91ac7942214c72c4f4339f128a22098665ee49e2948404ea822d2484a743e761002c3166853d397f007926e061ffa236b57dcbb62c2a4d63ab26ef566274ccee
SSDEEP

3072:bIZxbhyQuw2CuOPDhAf23g1SAT/yeMLMS:sZaQuw9uO7hAflYq6eOM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-000fd0d85973e82848a3da78cef7595f

Files

VirusShare-000fd0d85973e82848a3da78cef7595f
.exe windows:5 windows x86 arch:x86

48d3b3a74abb759950bb2a32bbcb3194

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
VirtualAlloc
LocalAlloc
GetModuleHandleA
VirtualProtect
LocalFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualFree
RtlUnwind
CreateThread
ExitProcess

user32

DestroyWindow
RegisterClassA
DispatchMessageA
ShowWindow
GetMessageA
LoadIconA
CreateWindowExA
DefWindowProcA
SetWindowPos
TranslateMessage

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pppd
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ