VirusShare_1a6ae642d2ed750f9de71bfd1f24c8b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_1a6ae642d2ed750f9de71bfd1f24c8b0
Size

168KB
MD5

1a6ae642d2ed750f9de71bfd1f24c8b0
SHA1

90fb61b0a4a89d1e434b9ebec7805381484d53ff
SHA256

a4beaa7d2ea14f5d6d32b41fc8aa771dff86e630014c9154286b588bbdecc445
SHA512

4c949c29e129f7f52c31b1e5d6ddae68d9b36aa8d28f943f07286264ec4ad9279a489ad0312c6e9c403cf7ad64521baa18a7469f401a3ade393755197a7425a4
SSDEEP

1536:mXPHT+IE/8G8Vr3Ia6Jo9z40M7FCtUJLLT4SHkrzDP3sz0zYlOAny5uXwU:Uz48Rr3IGR40M7doSQzDPLsgF9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1a6ae642d2ed750f9de71bfd1f24c8b0

Files

VirusShare_1a6ae642d2ed750f9de71bfd1f24c8b0
.dll windows:4 windows x86 arch:x86

5e309cce430d9ffd87e589b2f3c73fd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\srue54dbvfsch\4356eesfag\zdgfrwehkl.PDB

Imports

kernel32

GetConsoleMode
GetConsoleScreenBufferInfo
LocalAlloc
FreeConsole
LocalFree

user32

GetClassLongW
CharPrevExA
SetClipboardData
GetDialogBaseUnits
SwapMouseButton
CheckMenuItem
GetCapture
PtInRect
GetQueueStatus
GrayStringA
ChangeDisplaySettingsW
InvertRect
ClientToScreen
DialogBoxParamA
wvsprintfW
SetDoubleClickTime
RemoveMenu
ArrangeIconicWindows
FrameRect
CreateIcon
ExitWindowsEx

msvcrt

__dllonexit
_adjust_fdiv
malloc
_initterm
free
strerror
realloc
fwscanf
sin
isalpha
div
getwc
islower
iswlower
fputs
mblen
swprintf
strcat
_onexit
fgetc
abort
ctime

Exports

Exports

AIQkArLanPffhWQiXgZL
dIzeynwyKrovIvcb
wEQEoyiPb

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ