Static task
static1
Behavioral task
behavioral1
Sample
e5af78f9d8cd89a9e7c384aa0455cc6b75549698eadfbaad90f7e2793a1f4d82.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
e5af78f9d8cd89a9e7c384aa0455cc6b75549698eadfbaad90f7e2793a1f4d82.exe
Resource
win10v2004-20220901-en
General
-
Target
e5af78f9d8cd89a9e7c384aa0455cc6b75549698eadfbaad90f7e2793a1f4d82
-
Size
36KB
-
MD5
63e3ae016c5a0b058a06b937a6078443
-
SHA1
b46140666fd612b67b2f748001bce6f31d51c3f2
-
SHA256
e5af78f9d8cd89a9e7c384aa0455cc6b75549698eadfbaad90f7e2793a1f4d82
-
SHA512
97cfcea7a1f0aed8b99d1b028d4c60b765ce8a40994c7273794f5dd5f61bbca7046fa2ba01d6a819015731355fb11b378dd1c3866c8daa9dcb4a7ed34605616b
-
SSDEEP
384:J4gwesl+O59syoWbCKmjUM4RVv64rB2W/m4UpU2pVI:/y+Ny/sjORdmS23
Malware Config
Signatures
Files
-
e5af78f9d8cd89a9e7c384aa0455cc6b75549698eadfbaad90f7e2793a1f4d82.exe windows x86
ba0e6d5a3b2c26c6822e86401f45c6f2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (static import table; a listed API is linked by the binary, not necessarily called at run time)
user32
SetWindowsHookExA
GetWindowLongA
UnhookWindowsHookEx
SetWindowLongA
CallWindowProcA
kernel32
GetProcAddress
RtlMoveMemory
GlobalFree
GetModuleHandleA
GetVersionExA
GlobalAlloc
msvbvm60 (Visual Basic 6 runtime; "ordNNN" entries below are imports by ordinal rather than by name)
EVENT_SINK_GetIDsOfNames
ord694
MethCallEngine
EVENT_SINK_Invoke
ord516
ord519
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord598
ord631
ord525
EVENT_SINK_AddRef
ord528
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord319
ProcCallEngine
ord537
ord644
EVENT_SINK2_AddRef
ord681
ord100
ord320
ord321
ord616
ord546
ord581
Sections
.text Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ