Static task: static1
Behavioral task: behavioral1
Sample: VirusShare_75c5facd913dd95390e1dcd84fd0a0d1.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: VirusShare_75c5facd913dd95390e1dcd84fd0a0d1.exe
Resource: win10v2004-20240508-en
General
Target: VirusShare_75c5facd913dd95390e1dcd84fd0a0d1
Size: 58KB
MD5: 75c5facd913dd95390e1dcd84fd0a0d1
SHA1: 72732fe79a31e033194e7690ceb7782d38f99c9e
SHA256: aeef76f9a61716dc90cc1f1930e9ac55ee10d38d05d322da99aac6745b132d12
SHA512: d59786b9aedffa0d38bb24425625052ba1fd814e15ef04734a07bd20165e537ae8ed623f935c7e1539ad84901d30ed1fe695fac888364c4f41f04351b0bf7afc
SSDEEP: 1536:O7JHPDAZDeanlXc/+0L6H6o0p/3fWhboPTg:OuZD3rhl0xvYboP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VirusShare_75c5facd913dd95390e1dcd84fd0a0d1
Files
VirusShare_75c5facd913dd95390e1dcd84fd0a0d1.exe windows:4 windows x86 arch:x86
47f8231b2142d52a99574681973bbe93
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiA
lstrcmpiA
GetModuleHandleA
lstrlenA
IsValidLocale
Sleep
OpenMutexA
HeapCreate
WaitForMultipleObjects
GetProcessHeap
GetStdHandle
SetLastError
lstrcmpiA
GetVolumePathNameA
CreateNamedPipeA
CreateMailslotA
FileTimeToLocalFileTime
GetLogicalDriveStringsA
GetDriveTypeW
lstrcmpiA
GetModuleFileNameA
lstrcmpiA
DeleteFileA
scecli
DeltaNotify
SceSysPrep
SceOpenPolicy
InitializeChangeNotify
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.adata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ