Malware

Valkyrie Final Verdict

File Name: virussign.com_0f44b81c33a38e7725714b89c0bbe02a.vir

File Type: PE32 executable (GUI) Intel 80386, for MS Windows

SHA1: 72377207577f6222000794b56cf54b61c09f24cc

MD5: 0f44b81c33a38e7725714b89c0bbe02a

First Seen Date: 2024-07-14 13:50:45 ( 10 month(s) 28 day(s) ago )

Number of Clients Seen: 2

Last Analysis Date: 2024-07-15 14:15:07 ( 10 month(s) 27 day(s) ago )

Human Expert Analysis Date: 2024-07-15 14:14:59 ( 10 month(s) 27 day(s) ago )

Human Expert Analysis Result: Malware

Verdict Source: Valkyrie Human Expert Analysis Overall Verdict

Analysis Summary

Analysis Type	Date	Verdict
Signature Based Detection	2024-07-14 16:16:33	Malware
Static Analysis Overall Verdict	2024-07-14 13:51:12	Highly Suspicious
Precise Detectors Overall Verdict	2024-07-15 14:15:07	No Match
Human Expert Analysis Overall Verdict	2024-07-15 14:14:59	Malware
File Certificate Validation	2024-07-14 13:51:12	Not Applicable

Static Analysis

Static Analysis Overall Verdict	Result
Highly Suspicious

Detector	Result
Optional Header LoaderFlags field is valued illegal	Clean
Non-ascii or empty section names detected	Clean
Illegal size of optional Header	Clean
Packer detection on signature database	Unknown
Based on the sections entropy check! file is possibly packed	Suspicious
Timestamp value suspicious	Clean
Header Checksum is zero!	Suspicious
Enrty point is outside the 1st(.code) section! Binary is possibly packed	Clean
Optional Header NumberOfRvaAndSizes field is valued illegal	Clean
Anti-vm present	Clean
The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger	Clean
TLS callback functions array detected	Clean

Dynamic Analysis

No Dynamic Analysis Result Received

Behavioral Information is not Available

Precise Detectors Analysis Results

Detector Name	Date	Verdict		Reason
Static Precise PUA Detector 1	2024-07-14 13:51:08	No Match		NotDetected
Static Precise PUA Detector 4	2024-07-14 13:51:08	No Match		NotDetected
Static Precise NI Detector 3	2024-07-14 13:51:08	No Match		NotDetected
Static Precise PUA Detector 5	2024-07-14 13:51:08	No Match		NotDetected
Static Precise Trojan Detector 1	2024-07-14 13:51:08	No Match		NotDetected
Static Precise Trojan Detector 3	2024-07-14 13:51:08	No Match		NotDetected
Static Precise PUA Detector 6	2024-07-14 13:51:08	No Match		NotDetected
Static Precise Trojan Detector 12	2024-07-14 13:51:08	No Match		NotDetected
Static Precise Virus Detector 1	2024-07-14 13:51:08	No Match		NotDetected
Static Precise Virus Detector 2	2024-07-14 13:51:08	No Match		NotDetected
Static Precise Trojan Detector 13	2024-07-14 13:51:08	No Match		NotDetected
Static Precise PUA Detector 2	2024-07-14 13:51:08	No Match		NotDetected

Advance Heuristics

No Advanced Heuristic Analysis Result Received

Human Expert Analysis Results

Analysis Start Date: 2024-07-15 06:18:56 ( 10 month(s) 27 day(s) ago )

Analysis End Date: 2024-07-15 14:14:59 ( 10 month(s) 27 day(s) ago )

File Upload Date: 2024-07-14 13:50:36 ( 10 month(s) 28 day(s) ago )

Update Date: 2024-07-15 14:15:07 ( 10 month(s) 27 day(s) ago )

Human Expert Analyst Feedback:

Verdict: Malware

Malware Family:

Malware Type: Trojan Generic

Additional File Information

Vendor Validation - Vendor Validation is not Applicable

Certificate Validation - Certificate Validation is not Applicable

PE Headers

Property	Value
compilation time stamp	0x4407306D [Thu Mar 2 17:50:37 2006 UTC]
debug artifacts
entry point	0x404c20 (.text)
exifinfo
file size	1553603
file type enum	6
imphash
machine type	Intel 386 or later - 32Bit
magic literal enum	3
mime type	application/x-dosexec
number of sections	3
sha256	a8a358485e1b69cf2d9200cfe275dc529319eff74ea4b0b1c1b9e4ec66e25e44
ssdeep
trid

PE Sections

Name	Virtual Address	Virtual Size	Raw Size	Entropy	MD5
.text	0x1000	0xa566	0xa600	6.44597193467	5b219decd6fd463ad3ad0dddf889571c
.rdata	0xc000	0x6504	0x6600	5.17229189334	8806421e2c7a0ca959009736cb2393d1
.data	0x13000	0x18000	0x17200	7.64612659165	9d6482c94c45cf571f1e743c3f41f923

Loading...