VirusShare_a5b99a5679fa473af03bba246812c380 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_a5b99a5679fa473af03bba246812c380
Size

337KB
MD5

a5b99a5679fa473af03bba246812c380
SHA1

8809fd8fa1898c39b32be0dc3b0806b6a459d469
SHA256

793bfd408bfcb25b418463846b15936a16d5daf43936e564059f2d977e194bb8
SHA512

d0b978000692b7c3a53eab1dd5ee3ef22502a96325295ddfadaca3daceb8ba05ac668520385fb2f4004e8b6b95dae1476a0eedd36a890fd709cd04d3e90b80d8
SSDEEP

6144:Nam+FBGcEXkBno7uJslHW5lkkvBrfWN9yl3sKH1mNWdLMaXBSo7tMPzXjJm:NamA4cEXMo7bmnO9s3zVmNWdn8qtMBm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_a5b99a5679fa473af03bba246812c380

Files

VirusShare_a5b99a5679fa473af03bba246812c380
.exe windows:4 windows x86 arch:x86

9dfb12f9f48e0c7a2707b5b5ea509d8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawStateW
GetCursorPos
UnhookWinEvent
MapVirtualKeyExA
SetClassLongW
DefWindowProcA
GetClassNameW
KillTimer
DialogBoxParamA
DrawStateA
DefFrameProcW
AppendMenuW
GetKeyNameTextW
AttachThreadInput
GetUserObjectInformationW
GetQueueStatus
LoadAcceleratorsA
EnumDisplaySettingsW
PostThreadMessageA
LoadStringW
GetSystemMetrics
CharNextA
UnionRect
MapWindowPoints
GetKeyState
GetCaretPos
GetSysColor
GetClipboardFormatNameW
GetWindowWord
CharLowerBuffA
SetWindowLongW
SetActiveWindow
FindWindowExA

msvcrt

sprintf
_putwch
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_strrev
time
wcscmp
fopen
wcsrchr
_rotl
_j0
vprintf
__set_app_type

kernel32

Thread32Next
CompareStringW
CreateEventW
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ