VirusShare_4a54d728ed638d41dd5f791e191fbf38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_4a54d728ed638d41dd5f791e191fbf38
Size

58KB
MD5

4a54d728ed638d41dd5f791e191fbf38
SHA1

63a1fe19649b9088d258e9ab539c4314af6e44f1
SHA256

68e89a879b1ca004116a87e692b2ffe92a08c5ca9cca5965775bcbe57ce5fea8
SHA512

01862fef273857e51abf52d72dfd096d7c60267050e3c35c14d3b7f79ae4f3409b4715d6f7bd9f46785be8f311aaebe0a9eed1ca6ef85dafad942df431c94a4e
SSDEEP

768:/kFaeY5AhF4lpb/59UFUoh4xaPa3J60CZGsOwQ2o04C6d2w7UxFG+N7yQWt/VxXT:cFIAhKnbR9UCohz0M7o04Z2tGNUVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_4a54d728ed638d41dd5f791e191fbf38

Files

VirusShare_4a54d728ed638d41dd5f791e191fbf38
.exe windows:4 windows x86 arch:x86

e0c060dffd027d2627b5860816220923

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetProcessHeap
HeapCreate
lstrcmpiA
GetVolumePathNameA
WaitForMultipleObjects
FileTimeToLocalFileTime
OpenMutexA
GetModuleHandleA
GetLogicalDriveStringsA
lstrlenA
GetDriveTypeW
lstrcmpiA
CreateMailslotA
GetModuleFileNameA
GetStdHandle
Sleep
SetLastError
lstrcmpiA
lstrcmpiA
CreateNamedPipeA
lstrcmpiA
IsValidLocale

scecli

InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ