f6acde14e92bc2f101bf107af1ba97deaaf85362d6a41033d4f55efa74ec8378

General

Target

f6acde14e92bc2f101bf107af1ba97deaaf85362d6a41033d4f55efa74ec8378
Size

256KB
MD5

8f494481d1ac728a095471cfd21ccf46
SHA1

c3b7bc783fe84719f4001bdcc973727fb7a17404
SHA256

f6acde14e92bc2f101bf107af1ba97deaaf85362d6a41033d4f55efa74ec8378
SHA512

52529cbd89f73c712089633691bea2c204f2c37ee8233a6abf94bfbcbb0e6c598983a35fccf1c2e9b82782c059bb39e3b4026b9e745cff828b36edca14341de1
SSDEEP

1536:y13CKjs14arTGjthMyROjuqmLbA6jjpVTqXZO+q+LDYQFlKIMGfC+/2oEmkuvH9L:As5o0DqMyqYBITfC+/CSHLX+b8JSLw

Score

N/A

Malware Config

Signatures

Files

f6acde14e92bc2f101bf107af1ba97deaaf85362d6a41033d4f55efa74ec8378
.exe windows x86

923041cdee9bcc4431e60d89a77f8790

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtGetContextThread
NtSetContextThread
NtResumeThread
NtWriteVirtualMemory
NtUnmapViewOfSection
NtAllocateVirtualMemory

urlmon

URLDownloadToFileW

shell32

ShellExecuteW

user32

CallWindowProcW
FindWindowW
PostMessageW

kernel32

GetFileAttributesW
DeleteFileW
CreateProcessW
GetModuleFileNameW
GetSystemDirectoryW
CopyFileW
Sleep
SetFileAttributesW
CreateDirectoryW
GetEnvironmentVariableW

msvbvm60

ord582
ord583
ord584
__vbaLenBstr
ord516
ord660
ord593
ord594
ord520
VarPtr
ord631
ord632
DllFunctionCall
ord601
__vbaExceptHandler
ord608
ProcCallEngine
ord535
ord537
ord575
ord100
ord546
ord581

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ebnnkna
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ozzmmsg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

923041cdee9bcc4431e60d89a77f8790

Headers

File Characteristics

Imports

ntdll

urlmon

shell32

user32

kernel32

msvbvm60

Sections

.text Size: 20KB - Virtual size: 17KB

.data Size: - Virtual size: 2KB

.rsrc Size: 100KB - Virtual size: 96KB

.ndata Size: 30KB - Virtual size: 30KB

ebnnkna Size: 32KB - Virtual size: 32KB

ozzmmsg Size: - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 17KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 100KB - Virtual size: 96KB

.ndata
Size: 30KB - Virtual size: 30KB

ebnnkna
Size: 32KB - Virtual size: 32KB

ozzmmsg
Size: - Virtual size: 4KB