e6a4c0b2c6c150958411c0d7a68c97a5064773b97730ec5eb4cecbbe25f1feca

General

Target

e6a4c0b2c6c150958411c0d7a68c97a5064773b97730ec5eb4cecbbe25f1feca
Size

323KB
MD5

eef05582110042374c8e2e112422570a
SHA1

c03341e769deef762fd8b92bfabfc4f32614defd
SHA256

e6a4c0b2c6c150958411c0d7a68c97a5064773b97730ec5eb4cecbbe25f1feca
SHA512

a5353dd1dcc90fbb193ea2fde4241808235681d81eec63d5c60ce7f7a34ddd0e8d6a190093f797744978c0700980f67a4e8cdfece33cf84552ea3a27a98b7cec
SSDEEP

6144:EizZhlQ2O0XvkhruJY+DawjvFnoZ96RvKZkmX/vNJzheBy+lp5vz:d68FLKERYhX/vNJzhSy8X

Score

N/A

Malware Config

Signatures

Files

e6a4c0b2c6c150958411c0d7a68c97a5064773b97730ec5eb4cecbbe25f1feca
.exe windows x86

f764d92a4c3516561cbf2a7dac81c11e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

uniplat

ord101
ord212
WinntIsWorkstation
ord110
ord106
ord115
ord108
ord107
ord113
ord213
ord114
ord105
ord104
ord109
ord100

msvcrt

wcslen
__p__pctype
_stat
exit
_mbsrchr
_strlwr
?terminate@@YAXXZ
_timezone

kernel32

_lclose
GetModuleHandleW
VirtualFree
VirtualAlloc
ExitProcess
SetProcessShutdownParameters
InterlockedDecrement
GetCommandLineA
GetEnvironmentStrings
GetPrivateProfileSectionNamesW
CreateDirectoryExA
GetStdHandle

msvbvm60

ord631
__vbaObjSet
__vbaOnError
ord103
ProcCallEngine
ord516
ord709
DllFunctionCall
__vbaFixstrConstruct
__vbaUbound
__vbaNew2
ord517
__vbaHresultCheckObj
ord600
ord104
MethCallEngine
__vbaVarDup
__vbaLenBstr
ord520

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 294KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f764d92a4c3516561cbf2a7dac81c11e

Headers

DLL Characteristics

File Characteristics

Imports

uniplat

msvcrt

kernel32

msvbvm60

Sections

.text Size: 1KB - Virtual size: 1KB

.CRT Size: 5KB - Virtual size: 97KB

.data Size: 294KB - Virtual size: 399KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 1KB - Virtual size: 1KB

.CRT
Size: 5KB - Virtual size: 97KB

.data
Size: 294KB - Virtual size: 399KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 40B