VirusShare-015d49106629f206256a934bbb5c67f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-015d49106629f206256a934bbb5c67f5
Size

1.0MB
MD5

015d49106629f206256a934bbb5c67f5
SHA1

29485587ac469a6b2375ed9f5c9bed6b8a083f68
SHA256

f02e5bf15781d1f4e886f4fee3921f5a4e90ff77706def4fc617a77420410686
SHA512

796c88971bf08a9a65f4bf049adcb982c7a3199790eaa8ee5e3a10e0f0cf506d954b80a5780726ea73b911e056317632fc6ae19a43817dbd0a7d0533ea47af29
SSDEEP

24576:3C4iMimo50Yak+iZxPokIJLkqaoi49QZQrtm4oMRzo6mpPmuNAb1k:LiM334Ypk9FJart9o6kOKAb1k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-015d49106629f206256a934bbb5c67f5

Files

VirusShare-015d49106629f206256a934bbb5c67f5
.exe windows:4 windows x86 arch:x86

c3e5cf5ec2673cfb9e34228f76215095

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
SetConsoleTextAttribute
SetConsoleCursorPosition
LocalFree
WriteConsoleA
LocalAlloc
ExitProcess
GetLastError
CloseHandle
ReadFile
WriteFile
VirtualAlloc
GetStdHandle
GetFileSize
CreateFileA
DeleteFileA
GetCommandLineA
GetVersion
HeapFree
RtlUnwind
DeviceIoControl
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapAlloc
SetFilePointer
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetStdHandle

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ