VirusShare_e8b1cbb9a5dfd265100301eb4068ffb0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_e8b1cbb9a5dfd265100301eb4068ffb0
Size

152KB
MD5

e8b1cbb9a5dfd265100301eb4068ffb0
SHA1

f694611b03eedaee7ac4b007c6e341e34e203208
SHA256

5c5bbbc59f94bc92912a34c69ad93b6bab8d3f9a9ab125a8a2737fd7c99fbf91
SHA512

7f7a800b8a8add682e0378f1e7987389ca2130dac11725bfb0b4d1d8382f6dbfbdded65a10ec44040ddcf232ef131b64c140802ffa9eada332e0e0d51c7dbe49
SSDEEP

1536:/4zYVf7Ko3pfpLYGyXkrhhEHfP1oWRHX8rX1KCT4shZzX7bnFsXJY2/PJWHhZzZf:DDKoXY5DHXeGMTvTXbLFmSmPJOBqfk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_e8b1cbb9a5dfd265100301eb4068ffb0

Files

VirusShare_e8b1cbb9a5dfd265100301eb4068ffb0
.dll windows:5 windows x86 arch:x86

af9fc23631013de8faedc409a1cb7a3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\asdf\s34\p;'po!@!#dfg.pdb

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
memset
free
_initterm
malloc

kernel32

FreeConsole
RemoveVectoredExceptionHandler
GetConsoleFontSize
lstrcmpA

user32

IsWindow
DispatchMessageW
CharPrevW
SetWindowLongW
MessageBoxW
WinHelpW
RegisterWindowMessageW

gdi32

DeleteDC
CreateCompatibleDC
GetObjectW

Exports

Exports

Cghrtfui78tyujytuj
hwQWsvDfZPlaHZzgkdhb

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ