Static task: static1
Behavioral task: behavioral1
Sample: VirusShare_4a54d728ed638d41dd5f791e191fbf38.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: VirusShare_4a54d728ed638d41dd5f791e191fbf38.exe
Resource: win10v2004-20240508-en
General
Target: VirusShare_4a54d728ed638d41dd5f791e191fbf38
Size: 58KB
MD5: 4a54d728ed638d41dd5f791e191fbf38
SHA1: 63a1fe19649b9088d258e9ab539c4314af6e44f1
SHA256: 68e89a879b1ca004116a87e692b2ffe92a08c5ca9cca5965775bcbe57ce5fea8
SHA512: 01862fef273857e51abf52d72dfd096d7c60267050e3c35c14d3b7f79ae4f3409b4715d6f7bd9f46785be8f311aaebe0a9eed1ca6ef85dafad942df431c94a4e
SSDEEP: 768:/kFaeY5AhF4lpb/59UFUoh4xaPa3J60CZGsOwQ2o04C6d2w7UxFG+N7yQWt/VxXT:cFIAhKnbR9UCohz0M7o04Z2tGNUVF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare_4a54d728ed638d41dd5f791e191fbf38
Files
VirusShare_4a54d728ed638d41dd5f791e191fbf38.exe windows:4 windows x86 arch:x86
e0c060dffd027d2627b5860816220923
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GetProcessHeap
HeapCreate
lstrcmpiA
GetVolumePathNameA
WaitForMultipleObjects
FileTimeToLocalFileTime
OpenMutexA
GetModuleHandleA
GetLogicalDriveStringsA
lstrlenA
GetDriveTypeW
lstrcmpiA
CreateMailslotA
GetModuleFileNameA
GetStdHandle
Sleep
SetLastError
lstrcmpiA
lstrcmpiA
CreateNamedPipeA
lstrcmpiA
IsValidLocale
scecli
InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.adata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ