VirusShare-fda6279f525eac4826f3cb95ba9183c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare-fda6279f525eac4826f3cb95ba9183c0
Size

4KB
MD5

fda6279f525eac4826f3cb95ba9183c0
SHA1

450fe9062c988b1ce93a6601c1ca7dfe479c8256
SHA256

99a941b9af17e8d08ecc619f495cd38f2216d53003a8f3787b93b91df9fdd7d9
SHA512

352ef386e629f892c3169fe65fba79b70e0180e928df2122e5ae388dcd95cb101b2838a1a40d7996c266307abfe2dda32481597cbdcddd1cf8da3d286551b53f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare-fda6279f525eac4826f3cb95ba9183c0

Files

VirusShare-fda6279f525eac4826f3cb95ba9183c0
.dll windows:4 windows x86 arch:x86

67eeaa5a11565a13ff73b507f5216520

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

PeekNamedPipe
GetExitCodeProcess
Sleep
lstrlenA
CreateProcessA
lstrcatA
ReadFile
lstrcpyA
GetStartupInfoA
CloseHandle
CreatePipe
CreateThread
WriteFile
GetSystemDirectoryA
GetVersionExA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

ws2_32

bind
htons
socket
WSAStartup
closesocket
recv
send
accept
WSACleanup
listen

Exports

Exports

InitShell

Sections

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ