Static task: static1
Behavioral task: behavioral1
  Sample: GUM.exe
  Resource: win7-20220718-en
Behavioral task: behavioral2
  Sample: GUM.exe
  Resource: win10v2004-20220721-en
General
Target: GUM.EXE
Size: 172KB
MD5: 81912e3dd162ce7c96114a84d0d58b29
SHA1: 2def8b1c48c9e550f57c9dab915c5232a7113d57
SHA256: f91cf396d6cc0e3803aa25fd0770e9a252196ae616e032e4880668c8ded74dc0
SHA512: 893b3c4483d0a307cad24c73fce27bc4e02438439fc5b07d596146bdb92767e53e60642ff6264ce80891b10c0a7f2a3f5b397560a47ee6e1244d6e5e9a80f341
SSDEEP: 3072:rNWDB5oIO1909/zdAAyvjFOp1WXNWGA7bulniw4wqPQy95j5VnGGFr5HYnjM:rIB5odw1z3yvYv8WX7K4wqYCVjnGGFrH
Malware Config
Signatures
Files
GUM.EXE.exe windows x86
a5db5a466a58a88fc36a0259818100cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord669
ord598
ord631
EVENT_SINK_AddRef
ord527
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord717
ProcCallEngine
ord644
ord645
ord100
ord616
Sections
.text Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 144KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ