Static task
static1
Behavioral task
behavioral1
Sample
VirusShare_70ac5893fc42e834a7de53c8eb7c8f86.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
VirusShare_70ac5893fc42e834a7de53c8eb7c8f86.exe
Resource
win10v2004-20240508-en
General
Target: VirusShare_70ac5893fc42e834a7de53c8eb7c8f86
Size: 484KB
MD5: 70ac5893fc42e834a7de53c8eb7c8f86
SHA1: 6173199156a669317720ba248c4d0d0ee8c22dc2
SHA256: 0fc06db7d6bd9acbc13a4edfdc23fde2ddca74e25a1e9818d7161f199251240d
SHA512: 986f3b16396a9300dd49b7b5849295408d8d5b8d74b5c1827fef9e787e3d31a38795096e8b1a36f489efe54be5c2b1178a2a9ad9b143ecbe4c2346e5ad3b9e1f
SSDEEP: 6144:fVei5TzeuNE1KGZAphwvGm2/HZs5nARPCNxnhLwL113KRWJsSI+HuU7RTf6S9Rk:Nei5HeuNRw0T4NxhLkDJfLuc9R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare_70ac5893fc42e834a7de53c8eb7c8f86
Files
VirusShare_70ac5893fc42e834a7de53c8eb7c8f86.exe windows:4 windows x86 arch:x86
25ee991e9308dd6daad0db8f34cb01ef
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
memcpy
iswupper
cos
sprintf
printf
localeconv
setupapi
SetupSetFileQueueAlternatePlatformA
ole32
DoDragDrop
user32
FindWindowExA
kernel32
GetStartupInfoW
GetConsoleWindow
GetStdHandle
FreeConsole
ScrollConsoleScreenBufferA
VirtualQuery
VirtualProtect
GetModuleHandleA
SetFileApisToANSI
GetLocaleInfoA
IsDBCSLeadByte
lstrlenA
OpenFile
WriteTapemark
GetCommProperties
GetLastError
ConvertDefaultLocale
Sections
.text Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 358KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
g Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
OCA Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
K Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qdata Size: 120KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
+pNBd Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ