fd383600cffde1205080c941bb1e88c173a2ad7ae9c9d0f956c2e00f448e9f90

Sharing

Copy URL Twitter E-mail

General

Target

fd383600cffde1205080c941bb1e88c173a2ad7ae9c9d0f956c2e00f448e9f90
Size

3.0MB
MD5

cf9ae0ffa2e9a671f9a85572499fa2db
SHA1

c37334dd95e32d0325be762ab7cbe51f52c7c219
SHA256

fd383600cffde1205080c941bb1e88c173a2ad7ae9c9d0f956c2e00f448e9f90
SHA512

585da8458307f35cba339c9512988dc52420bf8eb745bef2ebc317b9777afd54c36928d32e1e5dc6ccb0b981bb5fb1aa41ef85025fafc91d53ac6731bbab069e
SSDEEP

49152:1K7c1EdPoKvNLyrdYK1ajOAPLyqDdEo1KQ2j/YL7EFP9:1KA1cjyrdYKU9HdEo1KQ2jG7EFP9

Score

N/A

Malware Config

Signatures

Files

fd383600cffde1205080c941bb1e88c173a2ad7ae9c9d0f956c2e00f448e9f90
.exe windows x86

0b2c8594806102e8f124d7cbabb1ffa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLSIDFromString

olepro32

OleCreatePictureIndirect

gdi32

SelectObject
DeleteDC
CreateCompatibleDC
CreateDIBSection

gdiplus

GdipGetImageHeight
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageDecoders
GdipSetStringFormatAlign
GdipLoadImageFromFile
GdipCreateSolidFill
GdipDeleteFontFamily
GdipRotateWorldTransform
GdipCreateStringFormat
GdipDisposeImage
GdipSetImageAttributesColorMatrix
GdiplusShutdown
GdipSetInterpolationMode
GdipCreateFont
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipTranslateWorldTransform
GdipDeleteFont
GdipGetImageDecodersSize
GdipResetWorldTransform
GdipDrawImageRectRectI
GdipGetImageEncoders
GdipCreateFontFamilyFromName
GdipDeleteStringFormat
GdipFillRectangle
GdipDeletePen
GdipSaveImageToFile
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteBrush
GdipDrawImageRect
GdipDisposeImageAttributes
GdipGetImageWidth
GdipGetImageEncodersSize
GdipDrawString
GdipCreateImageAttributes

kernel32

lstrlenA
lstrlenW

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaHresultCheck
__vbaVarMove
__vbaAryMove
__vbaFreeVar
__vbaLineInputStr
ord588
__vbaStrVarMove
__vbaLenBstr
__vbaVarIdiv
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaPut4
__vbaLineInputVar
__vbaFreeObjList
ord516
__vbaVarIndexLoadRef
__vbaStrErrVarCopy
_adj_fprem1
ord518
__vbaRecAnsiToUni
ord519
__vbaResume
__vbaCopyBytes
__vbaVarCmpNe
__vbaStrCat
ord553
__vbaWriteFile
__vbaLsetFixstr
__vbaStrDate
__vbaSetSystemError
__vbaRecDestruct
ord662
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
__vbaAryDestruct
ord593
__vbaStrBool
__vbaForEachCollObj
__vbaVarForInit
__vbaExitProc
ord594
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
__vbaStrFixstr
ord520
__vbaRefVarAry
__vbaVarTstLt
__vbaBoolVarNull
_CIsin
ord631
__vbaErase
__vbaNextEachCollObj
__vbaVarZero
ord525
ord632
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord527
__vbaGet3
ord529
__vbaStrCmp
__vbaPutOwner3
__vbaVarTstEq
__vbaAryConstruct2
__vbaR4Str
__vbaPutOwner4
__vbaObjVar
__vbaPrintObj
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
__vbaCastObjVar
__vbaStrR4
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
ord601
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaStr2Vec
__vbaVarMul
__vbaExceptHandler
ord711
__vbaInputFile
__vbaPrintFile
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
ord607
__vbaVarDiv
ord608
ord531
__vbaFPException
__vbaInStrVar
ord717
__vbaGetOwner3
__vbaUbound
__vbaStrVarVal
__vbaGetOwner4
__vbaVarCat
ord535
__vbaDateVar
__vbaI2Var
__vbaLsetFixstrFree
ord644
ord537
ord645
_CIlog
__vbaFileOpen
__vbaVar2Vec
ord570
ord648
__vbaInStr
__vbaVarLateMemCallLdRf
__vbaR8Str
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
ord576
_adj_fdivr_m32
__vbaR8Var
_adj_fdiv_r
ord578
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaLateMemCall
__vbaVarAdd
__vbaAryLock
ord612
__vbaStrComp
__vbaFreeVarg
__vbaVarDup
__vbaStrToAnsi
ord613
__vbaFpI2
__vbaVarMod
ord616
__vbaVarLateMemCallLd
__vbaVarCopy
__vbaFpI4
__vbaR8IntI2
ord617
__vbaRecDestructAnsi
_CIatan
__vbaCastObj
ord618
__vbaStrMove
__vbaStrVarCopy
__vbaPutFxStr3
ord619
__vbaPutFxStr4
ord542
ord543
_allmul
ord544
__vbaLateIdSt
ord545
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b2c8594806102e8f124d7cbabb1ffa7

Headers

File Characteristics

Imports

ole32

olepro32

gdi32

gdiplus

kernel32

msvbvm60

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.data Size: 4KB - Virtual size: 39KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 4KB - Virtual size: 39KB

.rsrc
Size: 4KB - Virtual size: 1KB