VirusShare_5735afc975ab10e997dddb235f7f86e0
PE
Verdict: BENIGN
Objectives
-
Software\C -
Software\M -
VS_VERSION_INFO
-
F:\Office\Targetd\ship\postc2r\xone\msoxmled.pdb
-
F:\Office\Targetd\ship\postc2r\xone\msoxmled.pdb -
\msoxmled.pdb -
msoxmled.pdb
-
ClearPropertyBagValue -
GetStatusValue -
RegQueryValueExW
-
.EXE
-
5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 -
Microsoft Corporation -
Microsoft Corporation0 -
Microsoft Corporation1 -
Microsoft Corporation1!0 -
Microsoft Corporation1#0! -
Microsoft Corporation1&0$ -
Microsoft Corporation1(0&
-
IsRoaming
-
WinWord
Micro-behaviors
-
URLDownloadToFileW -
WININET.dll -
urlmon.dll
-
Microsoft Code Signing PCA 2011 -
Microsoft Time-Stamp PCA 2010 -
Microsoft Time-Stamp Service
-
GetProcAddress
-
CreateFile
-
IsWow64Process
-
ADVAPI32.dll -
SHELL32.dll -
USER32.dll
-
RegQueryValueExW
-
CloseHandle -
CreateProcessW
Metadata
-
4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 -
Microsoft Corporation -
VirusShare_5735afc975ab10e997dddb235f7f86e0
-
parse.error_count = 2.00
-
Microsoft Corporation×3 -
CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US -
Microsoft Code Signing PCA 2011 -
Microsoft Time-Stamp PCA 2010 -
Microsoft Time-Stamp Service -
true
-
[high_entropy_va, dynamic_base, nx_compat, terminal_server_aware]×3
20 of 30 traits shown
Objectives
-
Software\C -
Software\M -
VS_VERSION_INFO
-
F:\Office\Targetd\ship\postc2r\xone\msoxmled.pdb
-
F:\Office\Targetd\ship\postc2r\xone\msoxmled.pdb -
\msoxmled.pdb -
msoxmled.pdb
-
ClearPropertyBagValue -
GetStatusValue -
RegQueryValueExW
-
.EXE
-
5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 -
Microsoft Corporation -
Microsoft Corporation0 -
Microsoft Corporation1 -
Microsoft Corporation1!0 -
Microsoft Corporation1#0! -
Microsoft Corporation1&0$ -
Microsoft Corporation1(0&
-
IsRoaming
-
WinWord
Micro-behaviors
-
URLDownloadToFileW -
WININET.dll -
urlmon.dll
-
Microsoft Code Signing PCA 2011 -
Microsoft Time-Stamp PCA 2010 -
Microsoft Time-Stamp Service
-
GetProcAddress
-
CreateFile
-
IsWow64Process
-
ADVAPI32.dll -
SHELL32.dll -
USER32.dll
-
RegQueryValueExW
-
CloseHandle -
CreateProcessW
Metadata
-
4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 -
Microsoft Corporation -
VirusShare_5735afc975ab10e997dddb235f7f86e0
-
parse.error_count = 2.00
-
Microsoft Corporation×3 -
CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US -
Microsoft Code Signing PCA 2011 -
Microsoft Time-Stamp PCA 2010 -
Microsoft Time-Stamp Service -
true
-
[high_entropy_va, dynamic_base, nx_compat, terminal_server_aware]×3
20 of 30 traits shown
Identity
| SHA-256 | 5b6ea0ef5dda5b896405e9135d1b6d3192b077d79c9df1ee125ffc1e88431aab |
|---|---|
| Filename | VirusShare_5735afc975ab10e997dddb235f7f86e0 |
Timeline
| First seen | 12 May 2026 18:59 UTC |
|---|---|
| Last analyzed | 25 May 2026 17:28 UTC |
Not seeing what you expected? Let us know