VirusShare_005afdf813a524051d99cc6d8712191d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_005afdf813a524051d99cc6d8712191d
Size

7KB
MD5

005afdf813a524051d99cc6d8712191d
SHA1

828061ba3b82a793272a3cea3a142828c47f5cfd
SHA256

795d3dc5d1c8ba213cc9009ad672e8ccfd9846e29cc7b9a8d025ade378061814
SHA512

a076c9abc9220507081cbd60b6066e7a4946b985fcaf2036e384b99c7d3330bc3559483d7fcbe19098038de94c658710b92af04af4ae60960f9adb606283b707
SSDEEP

96:6z4NRYlDvGcxyF0do04Yh2YhwUTwy/+nhHopMPKeHDpoTKuIJY0LEEkM:VNmNvGcu02WvwqwNwEKwBdkM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_005afdf813a524051d99cc6d8712191d

Files

VirusShare_005afdf813a524051d99cc6d8712191d
.exe windows:4 windows x86 arch:x86

b08d0852549ec8bc1f66cb16365ba3c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

FindNextFileA
FindResourceA
FreeResource
GetEnvironmentVariableA
GetFileSize
GetLogicalDrives
GetModuleFileNameA
GlobalAlloc
GlobalFree
LoadResource
LockResource
FindFirstFileA
OpenMutexA
ReadFile
RtlMoveMemory
FindClose
SetFilePointer
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
ExitProcess
CreateMutexA
CreateFileA
CloseHandle
MoveFileA
SetErrorMode

shell32

SHGetSpecialFolderPathA
ShellExecuteA

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptEncrypt
CryptExportKey
CryptGenKey
CryptImportKey
CryptDestroyKey

shlwapi

PathMatchSpecA
PathFindFileNameA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ