VirusShare_78f8f86179488bc063d21b243fc5d73c | Triage

Sharing

General

Target

VirusShare_78f8f86179488bc063d21b243fc5d73c
Size

84KB
MD5

78f8f86179488bc063d21b243fc5d73c
SHA1

32b556629477fbdf83a119bf103eeb9811eeaea6
SHA256

76a59ba7ea2ece65f2fc9a69b4b386f3a3a78b2a74a17642837a19b61a3a4f3d
SHA512

32f3d7a465991a9c59dcfa1299ceaad6cb60c80674a2c1c8e783a94f44417b570b74eddfb700e1f16fc3e942c581c89e4921c9aa5b5b63b2536d126f781d6cd5
SSDEEP

768:gagCidRhOkc1freE+bnJsFz0pxKTe85FHRHkcqSUoFpPmqdiYZcYLjy+:gagVR6f4et0p+e85tVkh9oh5c6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_78f8f86179488bc063d21b243fc5d73c

Files

VirusShare_78f8f86179488bc063d21b243fc5d73c
.exe windows:4 windows x86 arch:x86

329fd679301e8b70fa7ff64d0650d282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GetProcAddress
VirtualAlloc
CloseHandle
RtlUnwind
LoadLibraryA
GetCurrentProcess
GetModuleHandleA
HeapReAlloc
HeapAlloc
VirtualFree
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
TerminateProcess
Sleep
GetCurrentThreadId
GetTickCount
ExitProcess
HeapFree
QueryPerformanceCounter

user32

SetFocus
LoadImageA
LoadIconA

ole32

CoInitialize

ws2_32

select
recv
closesocket

winmm

auxSetVolume
mciSendCommandA

avifil32

AVIClearClipboard

winscard

SCardCancel

Exports

Exports

?__ULT@@YAKK@Z

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT3
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ