| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | virussign.com_830b6a0daf7b07bc1bc60071cf77146c.vir |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | 0116f4199eb4c60c090dff8f5c752f3d5d239b23 |
| MD5: | 830b6a0daf7b07bc1bc60071cf77146c |
| First Seen Date: | 2024-07-14 09:58:31.994639 ( ) |
| Number of Clients Seen: | 2 |
| Last Analysis Date: | 2024-07-14 09:59:01.394435 ( ) |
| Human Expert Analysis Date: | 2024-07-15 14:14:59.243782 ( ) |
| Human Expert Analysis Result: | Malware |
| Property | Value |
|---|---|
| magic literal enum | 3 |
| file type enum | 6 |
| debug artifacts | [] |
| number of sections | 3 |
| trid | [] |
| compilation time stamp | 0x4407306D [Thu Mar 2 17:50:37 2006 UTC] |
| entry point | 0x404c20 (.text) |
| machine type | Intel 386 or later - 32Bit |
| file size | 1388184 |
| ssdeep | |
| sha256 | 5481dc4dcc6289e832222434642c0f94e229d365a81f9ad211aee0f2aaee0a7b |
| exifinfo | [] |
| mime type | application/x-dosexec |
| imphash |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0xa566 | 0xa600 | 6.44597193467 | 5b219decd6fd463ad3ad0dddf889571c |
| .rdata | 0xc000 | 0x6504 | 0x6600 | 5.17229189334 | 8806421e2c7a0ca959009736cb2393d1 |
| .data | 0x13000 | 0x18000 | 0x17200 | 7.64656953222 | cde43b2685fa47424ca4ace8c49d112e |