71dcff2988b1a1b75dcf94a43a61c9af9441754bc7c5d0e4735ec1d4b45437f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71dcff2988b1a1b75dcf94a43a61c9af9441754bc7c5d0e4735ec1d4b45437f6
Size

196KB
MD5

a2557d2ea3d4b3d687535d0df78b2be0
SHA1

a56cfbf76ceda34ee281176fb51f5c3beced4424
SHA256

71dcff2988b1a1b75dcf94a43a61c9af9441754bc7c5d0e4735ec1d4b45437f6
SHA512

125f9a2603065604fd37418ee5d11d59c7be355d7860a98a6cd48cee7c18651eb122af2dca639e1ef4a2e16d2743f946f9a54edf0909eb21ffc7c1b12c22da17
SSDEEP

3072:eabXkCqV7Vlxhm3D6LTuPGng2BIFpzAfxNE1WlnXKUpcdeujbfsRemhlFMyh:QJlxhm0Ct2KzOXAzXfYdXR

Score

N/A

Malware Config

Signatures

Files

71dcff2988b1a1b75dcf94a43a61c9af9441754bc7c5d0e4735ec1d4b45437f6
.exe windows x86

18bce83cf326ad2a7a4ec5ae9d4dde15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtWriteVirtualMemory
NtUnmapViewOfSection

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
Zombie_GetTypeInfo
ord300
ord595
ord599
ord306
ord631
ord632
EVENT_SINK_AddRef
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ord537
ord644
ord685
ord100
ord617

kernel32

RtlMoveMemory
ResumeThread
VirtualAllocEx
GetThreadContext
SetThreadContext
CreateProcessA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ