e0a7607fe2679bc3d62e198684b271584953ba17b57792f83e7ab49352526972 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0a7607fe2679bc3d62e198684b271584953ba17b57792f83e7ab49352526972
Size

52KB
MD5

cc7dc946671274146c40e94c5286b9b4
SHA1

867934bb056b21b40bba975b68f2569b61ea2e61
SHA256

e0a7607fe2679bc3d62e198684b271584953ba17b57792f83e7ab49352526972
SHA512

820ae98a994003e80e4336599e430ac4384f66cb1bf9686a55cd1949dfc32ff73506d4bdaeed1a8399c6e513e339e1b7662a314b4ca060cd64a7c76a098752ac
SSDEEP

384:BghfrAH2WDHBiHHcBRIMTf4r0vs/vXCWW8sk4wlrD+vHgCDIUyUhrr+WwT98QEp4:6WDHBiHHcBRnS0w/djskwNzhUWdVW

Score

N/A

Malware Config

Signatures

Files

e0a7607fe2679bc3d62e198684b271584953ba17b57792f83e7ab49352526972
.exe windows x86

f60bbde5e283641a76b022cedd7056e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExA
GetWindowLongA
UnhookWindowsHookEx
SetWindowLongA
CallWindowProcA

kernel32

GetProcAddress
RtlMoveMemory
GlobalFree
GetModuleHandleA
GetVersionExA
GlobalAlloc

msvbvm60

EVENT_SINK_GetIDsOfNames
ord694
MethCallEngine
EVENT_SINK_Invoke
ord516
ord519
ord626
ord667
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord593
ord300
ord594
ord595
ord598
ord306
ord520
ord631
ord709
ord632
ord525
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord314
ord315
ord316
ord608
ord717
ord319
ProcCallEngine
ord537
ord644
ord645
ord570
ord648
EVENT_SINK2_AddRef
ord681
ord576
ord578
ord100
ord610
ord320
ord612
ord321
ord616
ord617
ord581

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ