2024-02-19_bd7af9ee4a321430c081293bf23511a6_virlock | Triage

Sharing

General

Target

2024-02-19_bd7af9ee4a321430c081293bf23511a6_virlock
Size

2.0MB
MD5

bd7af9ee4a321430c081293bf23511a6
SHA1

75d8c44b6b614225a100c4b068206bd030fd505d
SHA256

4b43f8d9da366bd3021f417c6227d7272cd354f7039218eeee6507573ba1477e
SHA512

15fea8a8160eb7d5b5edf82c73b1f733b55464a83ee8cf22a82d781a0f96fba41a4ab04ee0e50d0607e9d514cd60c71c1ce74859789814f53e2dadc7465303fd
SSDEEP

24576:wEjNV509U3uABOiDfRePDE8vlxk7Tnhm7svkf0dJP97SySpTufYvzWmVZpYdb:jubEOiDf0LE8dgE7sMMPIpTufczY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-19_bd7af9ee4a321430c081293bf23511a6_virlock

Files

2024-02-19_bd7af9ee4a321430c081293bf23511a6_virlock
.exe windows:4 windows x86 arch:x86

dc9209ce8837cec9b6e0b4c784723535

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
VirtualAlloc

user32

GetCapture
GetKBCodePage

Sections

.text
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE