198f2fda8dfd4fa5eb335b4b2fc54d83d1fcb437d83a8e10ee9e700466349880 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198f2fda8dfd4fa5eb335b4b2fc54d83d1fcb437d83a8e10ee9e700466349880
Size

388KB
MD5

6eb238c003dd18dab37c21e725844d42
SHA1

cc1b7f84d99f9bcd428e7d55344590cb68d6acd9
SHA256

198f2fda8dfd4fa5eb335b4b2fc54d83d1fcb437d83a8e10ee9e700466349880
SHA512

91251e3b9c847fdf9392419e4cbb52151ab182f1bc04798b49cada8828c7e94d8d403e8e3a90d413d8f3ccaabc6f97846510c350a56b7c6094d08bd5849a2186
SSDEEP

3072:ecUEuq8At0cDk1QYA3o6cRCnCTQRzHpSuSavpkixYzfkV6VJ6/r1f4tRFB7W4e9Q:HMQYAc3TKNxMfjJA1gzPW4s4nFsm

Score

N/A

Malware Config

Signatures

Files

198f2fda8dfd4fa5eb335b4b2fc54d83d1fcb437d83a8e10ee9e700466349880
.exe windows x86

08d67ea6c0611c130ad370b44e608dd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory
ResumeThread
VirtualAllocEx
GetThreadContext
SetThreadContext
CreateProcessA

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
ord519
ord660
Zombie_GetTypeInfo
ord595
ord598
ord631
ord632
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord314
ord606
ord315
ord607
ord714
ord316
ord608
ord717
ProcCallEngine
ord537
ord644
ord645
ord570
ord648
ord681
ord578
ord685
ord100
ord616
ord617
ord619
ord650
ord546
ord581

ntdll

NtWriteVirtualMemory
NtUnmapViewOfSection

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ