2024-07-28_4a2f792122e0f33421c0d523dc14ebca_virlock | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-28_4a2f792122e0f33421c0d523dc14ebca_virlock
Size

714KB
MD5

4a2f792122e0f33421c0d523dc14ebca
SHA1

d05f282298cc119a100a7b9fee0402a7a717f313
SHA256

e52b69e92ba4cd2fc5ae2042e516e8f509370bf106f251ceda910b7902e7a00c
SHA512

43197fb7adfa3268dcbadf9f0e0d0107c229403ebc69147a9b6d18d94a429540ddf5ce330cd7140151ad8e76fd939ffe6204b0571ab2529aacd885ddd229cd12
SSDEEP

12288:AGSN3Qofm/8rFsT3zuguwiphFicfkZH8ZVT8EyTNtl2yllzYfvveL:XM3h+OFW3/chF1fUH8ZVT+tgMYf8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-28_4a2f792122e0f33421c0d523dc14ebca_virlock

Files

2024-07-28_4a2f792122e0f33421c0d523dc14ebca_virlock
.exe windows:4 windows x86 arch:x86

68c712cf1eacecc52e868f959f14bd4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessagePos
GetInputDesktop
GetClassLongW
RegisterHotKey

kernel32

SetFileShortNameW
GetLastError

ntdll

RtlActivateActivationContextUnsafeFast
ZwMakeTemporaryObject

ws2_32

WSARecvFrom

Sections

.text
Size: 710KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE