Open-source atomic malware analysis

VirusShare_caa93157d177ac904cd7dcf55b7ddf20

PE
Verdict: BENIGN
Mal-ecule: H(Cm)Md₂(Bi₂Si)
Size 11.0 KB
First seen 38 days ago
Analyzed 33 days ago

Objectives

baseline severity, 90% confident: anti-analysis/debugger-detect Windows debugger/VM detection (multiple signals)
baseline severity, 100% confident: anti-static/obfuscation WININET.DLL absent from PE import table
baseline severity, 90% confident: evasion/indicator-removal Export timestamp is absent

Micro-behaviors

notable severity, 82% confident: communications/dns/lookup DNSAPI library reference
baseline severity, 90% confident: mem/alloc Local memory allocation

Metadata

notable severity, 72% confident: binary Embedded absolute PDB path
notable severity, 80% confident: binary/metrics Dense PE import table references
notable severity, 100% confident: signed Binary is not digitally signed
baseline severity, 90% confident: binary/section PE .reloc section presence
baseline severity, 100% confident: build requestedExecutionLevel is asInvoker
baseline severity, 95% confident: dylib::api-ms-win-crt-heap-l1-1-0 links api-ms-win-crt-heap-l1-1-0.dll (set_new_mode)
baseline severity, 95% confident: dylib::api-ms-win-crt-locale-l1-1-0 links api-ms-win-crt-locale-l1-1-0.dll (configthreadlocale)
baseline severity, 95% confident: dylib::api-ms-win-crt-math-l1-1-0 links api-ms-win-crt-math-l1-1-0.dll (setusermatherr)
baseline severity, 95% confident: dylib::api-ms-win-crt-runtime-l1-1-0 links api-ms-win-crt-runtime-l1-1-0.dll (register_onexit_function, crt_atexit, terminate, exit, initialize_onexit_table, ... +13 more)
baseline severity, 95% confident: dylib::api-ms-win-crt-stdio-l1-1-0 links api-ms-win-crt-stdio-l1-1-0.dll (p__commode, set_fmode)
baseline severity, 95% confident: dylib::api-ms-win-crt-utility-l1-1-0 links api-ms-win-crt-utility-l1-1-0.dll (rand)
baseline severity, 95% confident: dylib::dnsapi links DNSAPI.dll (DnsQuery_A)
baseline severity, 95% confident: dylib::kernel32 links KERNEL32.dll (LocalFree, LocalAlloc, IsDebuggerPresent, InitializeSListHead, GetSystemTimeAsFileTime, ... +12 more)
baseline severity, 95% confident: dylib::vcruntime140 links VCRUNTIME140.dll (memset, C_specific_handler)
baseline severity, 100% confident: hardening ASLR enabled (DYNAMIC_BASE)

20 of 42 traits shown

Identity

SHA-256 3ced43d46940cc1961a35aade1c7afe3b3301f555c886ffb2c275635337aad9c
Filename VirusShare_caa93157d177ac904cd7dcf55b7ddf20

Timeline

First seen 12 May 2026 19:05 UTC
Last analyzed 17 May 2026 22:06 UTC