bf6de455d949c52cb2f001615f505dccf2bb49fb1122e60baa8ea871699b38ec

Sharing

Copy URL Twitter E-mail

General

Target

bf6de455d949c52cb2f001615f505dccf2bb49fb1122e60baa8ea871699b38ec
Size

206KB
MD5

96280c0512ad676cb8064ed38df45bfc
SHA1

7a48ef8012cbae8492e79b221d85365fcafe1143
SHA256

bf6de455d949c52cb2f001615f505dccf2bb49fb1122e60baa8ea871699b38ec
SHA512

6cd2bfbfda76a459d9e6190dcb47776f6e2afac445fb435ed27110c7eec32d45de4ea934b300fac4ada62d085093d5610bfb64fa3f7643b312ad3f2b57238871
SSDEEP

3072:Tv49o11QFn6D34wQlUVU6ab4lFOJKO3qHy37j4uEx95Ya6W:jSn6DLQIU604jOx7zLW

Score

N/A

Malware Config

Signatures

Files

bf6de455d949c52cb2f001615f505dccf2bb49fb1122e60baa8ea871699b38ec
.exe windows x86

6f13024ff68a5a0b284911ebf7cdfb57

Code Sign

01
Certificate

Issuer

O=Internet Widgits Pty Ltd,ST=ER,C=FD

Not Before

12/12/2012, 14:48

Not After

12/12/2014, 14:48

Subject

O=Internet Widgits Pty Ltd,ST=Some-State,C=VS

16:7f:f0:99:37:87:30:e5:92:5c:02:f2:fe:a1:8d:98:5f:b8:57:75
Signer

Actual PE Digest

16:7f:f0:99:37:87:30:e5:92:5c:02:f2:fe:a1:8d:98:5f:b8:57:75

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

O=Internet Widgits Pty Ltd,ST=Some-State,C=VS

20/10/2022, 18:39
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnimateWindow

msvbvm60

ord584
_CIcos
_adj_fptan
__vbaVarMove
ord585
ord587
__vbaFreeVar
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaStrErrVarCopy
ord517
_adj_fprem1
ord519
__vbaStrCat
ord553
ord660
ord662
__vbaHresultCheckObj
ord556
_adj_fdiv_m32
ord593
__vbaForEachCollObj
ord594
__vbaObjSet
ord595
ord596
_adj_fdiv_m16i
_adj_fdivr_m16i
ord521
_CIsin
ord709
ord631
__vbaNextEachCollObj
ord525
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaDateR8
ord560
DllFunctionCall
__vbaVarLateMemSt
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord713
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaDateVar
__vbaCheckType
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaInStr
ord648
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
ord610
__vbaVarAdd
__vbaVarDup
ord612
ord614
ord616
_CIatan
ord618
__vbaStrMove
ord650
_allmul
_CItan
__vbaFPInt
_CIexp
__vbaFreeObj
__vbaI4ErrVar
__vbaFreeStr
ord581

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f13024ff68a5a0b284911ebf7cdfb57

Code Sign

01Certificate

16:7f:f0:99:37:87:30:e5:92:5c:02:f2:fe:a1:8d:98:5f:b8:57:75Signer

Signature Validations

Verification

20/10/2022, 18:39 Valid: false

Headers

File Characteristics

Imports

user32

msvbvm60

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 160KB - Virtual size: 156KB

01
Certificate

16:7f:f0:99:37:87:30:e5:92:5c:02:f2:fe:a1:8d:98:5f:b8:57:75
Signer

20/10/2022, 18:39
Valid: false

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 160KB - Virtual size: 156KB