VirusShare_0b1c8d839a3b1a5c32f7f23f1ead2a79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_0b1c8d839a3b1a5c32f7f23f1ead2a79
Size

211KB
MD5

0b1c8d839a3b1a5c32f7f23f1ead2a79
SHA1

a2d45caa972f342a804201930384d42746188a6f
SHA256

d1ff5552be5af48039838e3ef8479b349add0aaf7ceb67ad2a50b84893b5c30a
SHA512

8bc7f6227fda29412f47cdc87b5436acc5fbccac986bdb48108cd44b1f4389b6b0e7ce9e0588c502a86a93ca351e3ccdced809ac5e706fda6fc43a439af252f5
SSDEEP

3072:XM9Y+c4INR5IynnFSLfUqNZnNrqI9FU2b:XM99uNR5IynF/qr9hv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_0b1c8d839a3b1a5c32f7f23f1ead2a79

Files

VirusShare_0b1c8d839a3b1a5c32f7f23f1ead2a79
.dll windows:4 windows x86 arch:x86

a0fb932e323207bb1a5f294c84668f37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAsciiEx

advapi32

FreeSid
CheckTokenMembership
AllocateAndInitializeSid

version

GetFileVersionInfoA
VerQueryValueA

Exports

Exports

yhjOwwGai

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

adata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ