Static task
static1
Behavioral task
behavioral1
Sample
VirusShare-00e8c27abbd6468e4d0e11ceae168c38.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
VirusShare-00e8c27abbd6468e4d0e11ceae168c38.exe
Resource
win10v2004-20231215-en
General
Target: VirusShare-00e8c27abbd6468e4d0e11ceae168c38
Size: 183KB
MD5: 00e8c27abbd6468e4d0e11ceae168c38
SHA1: fb74294385ade2a829e6de736b31a4bebab40de6
SHA256: 4bdd9aa6d074e45226dd150fa06fa46c9e8bc8fb6a5d91a4e573a71af837b296
SHA512: 255c6086625e0b9eb58a5b708f836972051286ff1384077297cd96767691381e0d4793ecfd4251be392f15e39b93d186217a1ce4b740c955d1ed4aaedd3b7ed2
SSDEEP: 3072:AkdTY2CDT45ZC6re/KjhwTFOAW1w/MF3Gh7wy95h6akZnzavDKeWN7:Akc45ZCBQh2F56U9E8v67
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare-00e8c27abbd6468e4d0e11ceae168c38
Files
VirusShare-00e8c27abbd6468e4d0e11ceae168c38.exe windows:4 windows x86 arch:x86
5bbcfde77f04969942135be42dfda870
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICSendMessage
ICClose
ICOpen
ICDecompress
user32
CreatePopupMenu
TrackPopupMenuEx
SetCursor
ClipCursor
RedrawWindow
LoadCursorW
SetParent
GetFocus
InvalidateRect
IsWindow
DestroyMenu
EnableWindow
SetWindowPos
GetDesktopWindow
PtInRect
ole32
StgCreateDocfile
StgOpenStorage
kernel32
GetProcAddress
GetShortPathNameW
GetCurrentProcessId
SetHandleInformation
GetModuleHandleW
CreateFileW
EnumResourceTypesW
GetCurrentThreadId
GlobalFree
ExitProcess
LoadLibraryW
GetLastError
CloseHandle
UnhandledExceptionFilter
GetVersionExW
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ