VirusShare-011661783299ff4e2894cbf219485e56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-011661783299ff4e2894cbf219485e56
Size

637KB
MD5

011661783299ff4e2894cbf219485e56
SHA1

85846201da0253e850fba1099751768e21de566d
SHA256

e5a31fecd15a4f22718d6372b2dba8e80edef84a25fc29f26ef44dbd4dc0728c
SHA512

1eb2bfb23fdb1c34beec7cb832f6424f1b50d29650aaeb54c0739cf66628eca2a5d60b7ec1fd20790c13b843d85eb1a651c19dea38eecc8534be2ea7acb000c8
SSDEEP

12288:+QYp+Ju0jthFyxDdeC3yjgtIKDZQx2TcDrksJvWLwqWeb:+1QVNyp3sgAx2TXsJvWLnW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-011661783299ff4e2894cbf219485e56

Files

VirusShare-011661783299ff4e2894cbf219485e56
.exe windows:4 windows x86 arch:x86

92bec6c29f95e8ae09d64ce7dc0d17de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
LoadLibraryExA
GetTickCount
GetVersion
GetModuleHandleA
ResetEvent
GetConsoleCP
TlsFree
VirtualProtect
HeapWalk
CloseHandle
InterlockedExchange
lstrlenA
SetEvent
WaitForSingleObject
GetAtomNameA
GetProfileIntA
FindAtomA
GlobalUnlock
GetACP
CompareFileTime

user32

UpdateWindow
EqualRect
GetSubMenu
SetPropA
InsertMenuA
CopyRect
GetDlgItem
CreateCaret
MessageBoxA
PostQuitMessage
DispatchMessageA
GetMenuStringA
DialogBoxParamA
GetKeyboardLayout
PostMessageA
ShowWindow
SetWindowPos
GetMenu
TranslateMessage
LoadIconA
DestroyMenu
GetWindowLongA
ModifyMenuA
GetScrollRange
InflateRect
GetWindowTextA
SubtractRect
PaintDesktop
EnableScrollBar

msi

MsiEnumClientsA
MsiEnumProductsA
MsiCloseHandle
MsiDoActionA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ