2024-03-18_67fa08d589e97c1d61eb0927e2ff6355_virlock | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-18_67fa08d589e97c1d61eb0927e2ff6355_virlock
Size

714KB
MD5

67fa08d589e97c1d61eb0927e2ff6355
SHA1

95d04ff241b3453382348f746355717df52ad05c
SHA256

0ae9688f9dac439ba6018ce3dcd238bec043f7dff2f72271b8e6fb0e78b2e9e1
SHA512

e97d56fe403dfd6ebdad8b9736714c6f5ba26d0e41946c6f944b09b6a7bac269c71c7a0f9369e0da7cbc4f1a9b93c823c63f1887e790db9003527990628959dd
SSDEEP

12288:Np448ZX2xudnfat2ZW18DdRVawucB5di7s94f78QpFe8:Nn8ZXTdy2s8D8wucFcs94zVpFB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-18_67fa08d589e97c1d61eb0927e2ff6355_virlock

Files

2024-03-18_67fa08d589e97c1d61eb0927e2ff6355_virlock
.exe windows:4 windows x86 arch:x86

713eb0aa0ccb06a1ff1a2957d3f60681

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetTickCount
GetCommandLineA

advapi32

GetAuditedPermissionsFromAclW

user32

RegisterClassExW
GetKBCodePage

oleaut32

VectorFromBstr
CreateTypeLib2

Sections

.text
Size: 710KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE