Open-source atomic malware analysis

Analyze another

VirusShare_718c5a5f9521c56a18b3fadc685b0e5e

PE
Verdict: BENIGN
SHA256: eff907a902a9aa247f604ddd5193302fc277c9bd3d7c4146daa66d209de7b8e5
Mal-ecule
H(Cm)Md₂(Bi₂Si)
Size 11.0 KB download
First seen 40 days ago
Analyzed 35 days ago

Objectives

baseline severity, 90% confident.
anti-analysis/debugger-detect Windows debugger/VM detection (multiple signals)
baseline severity, 100% confident.
anti-static/obfuscation WININET.DLL absent from PE import table
baseline severity, 90% confident.
evasion/indicator-removal Export timestamp is absent

Micro-behaviors

notable severity, 82% confident.
communications/dns/lookup DNSAPI library reference
baseline severity, 90% confident.
mem/alloc Local memory allocation

Metadata

notable severity, 72% confident.
binary Embedded absolute PDB path
notable severity, 80% confident.
binary/metrics Dense PE import table references
notable severity, 100% confident.
signed Binary is not digitally signed
baseline severity, 90% confident.
binary/section PE .reloc section presence
baseline severity, 100% confident.
build requestedExecutionLevel is asInvoker
baseline severity, 95% confident.
dylib::api-ms-win-crt-heap-l1-1-0 links api-ms-win-crt-heap-l1-1-0.dll (set_new_mode)
baseline severity, 95% confident.
dylib::api-ms-win-crt-locale-l1-1-0 links api-ms-win-crt-locale-l1-1-0.dll (configthreadlocale)
baseline severity, 95% confident.
dylib::api-ms-win-crt-math-l1-1-0 links api-ms-win-crt-math-l1-1-0.dll (setusermatherr)
baseline severity, 95% confident.
dylib::api-ms-win-crt-runtime-l1-1-0 links api-ms-win-crt-runtime-l1-1-0.dll (register_onexit_function, crt_atexit, terminate, exit, initialize_onexit_table, ... +13 more)
baseline severity, 95% confident.
dylib::api-ms-win-crt-stdio-l1-1-0 links api-ms-win-crt-stdio-l1-1-0.dll (p__commode, set_fmode)
baseline severity, 95% confident.
dylib::api-ms-win-crt-utility-l1-1-0 links api-ms-win-crt-utility-l1-1-0.dll (rand)
baseline severity, 95% confident.
dylib::dnsapi links DNSAPI.dll (DnsQuery_A)
baseline severity, 95% confident.
dylib::kernel32 links KERNEL32.dll (LocalFree, LocalAlloc, IsDebuggerPresent, InitializeSListHead, GetSystemTimeAsFileTime, ... +12 more)
baseline severity, 95% confident.
dylib::vcruntime140 links VCRUNTIME140.dll (memset, C_specific_handler)
baseline severity, 100% confident.
hardening DEP / NX enabled (NX_COMPAT)

20 of 42 traits shown

Identity

SHA-256 eff907a902a9aa247f604ddd5193302fc277c9bd3d7c4146daa66d209de7b8e5
Filename VirusShare_718c5a5f9521c56a18b3fadc685b0e5e

Timeline

First seen 12 May 2026 18:58 UTC
Last analyzed 17 May 2026 10:25 UTC