bc6dba97b0f86f4de53d20527ac48db1e7a43e5cca55c38728c49eb504c2e338

Sharing

Copy URL Twitter E-mail

General

Target

bc6dba97b0f86f4de53d20527ac48db1e7a43e5cca55c38728c49eb504c2e338
Size

2.8MB
MD5

3dc6dec0bbab425c30dd46953dae0aa3
SHA1

c602a2f0db83784f05468bb8f75eded9345c4360
SHA256

bc6dba97b0f86f4de53d20527ac48db1e7a43e5cca55c38728c49eb504c2e338
SHA512

3c8034d2773e93bf95441152738ace3182236f5fa858eee341649605d3b612a5e06149dc7046ca38bb10cd3c26aaec7b3a904652f415eb8830f2cc5e277bbf0d
SSDEEP

49152:f4DFEsg3OK0lwL/hSuVJ68brRiC4PafPfEwp0NCFdcIFW6odT2+7FpqXR/:f4Dc10lwbTVT9iNvwp0NCbidT1qXt

Score

N/A

Malware Config

Signatures

Files

bc6dba97b0f86f4de53d20527ac48db1e7a43e5cca55c38728c49eb504c2e338
.exe windows x86

3dd3b1eb850b2d0b54733a1eef999741

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDiskFreeSpaceW
Process32First
GetPrivateProfileSectionNamesW
FlushConsoleInputBuffer
Thread32Next
DnsHostnameToComputerNameA
CompareFileTime
HeapQueryInformation
LoadLibraryExA
GetLastError
VirtualFreeEx
SetEnvironmentVariableA
GetConsoleAliasExesLengthA
SetTapePosition
DeleteFiber
GetProcAddress
TlsGetValue
IsDBCSLeadByteEx
VirtualAlloc
TlsFree
SetConsoleCP
GetVolumeInformationW
IsBadHugeWritePtr
_lcreat
EnumUILanguagesA
HeapWalk
GetDateFormatA
Module32First
GetProfileStringW
PrivMoveFileIdentityW
QueueUserAPC
LoadLibraryA
GetAtomNameW
Heap32Next
RequestDeviceWakeup
MulDiv
CreateFileA
VirtualUnlock
MultiByteToWideChar
GetLocaleInfoA
ResetWriteWatch
WriteFileGather
GetStdHandle
CreateFiberEx
EscapeCommFunction
GetVDMCurrentDirectories
CreateDirectoryExA
CreateMutexW
GetConsoleAliasesLengthW
SwitchToFiber

msvcp60

_Toupper

cryptnet

I_CryptNetGetHostNameFromUrl
DllRegisterServer
CertDllVerifyRevocation
CryptGetObjectUrl
CryptRetrieveObjectByUrlW
CryptGetTimeValidObject
I_CryptNetEnumUrlCacheEntry
LdapProvOpenStore
I_CryptNetGetUserDsStoreUrl
CryptInstallCancelRetrieval
CryptRetrieveObjectByUrlA
CertDllVerifyCTLUsage
DllUnregisterServer
CryptUninstallCancelRetrieval
CryptFlushTimeValidObject
CryptCancelAsyncRetrieval

msvbvm60

rtDecFromVar
TipUnloadProject
__vbaStrToUnicode
_CIlog
rtcBstrFromAnsi
rtcSendKeys
__vbaR8IntI4
__vbaR4Sgn
rtcSplit
__vbaVarCmpGt
rtcGetTimeVar
__vbaVarTextTstEq
__vbaVarZero
__vbaAryRebase1Var
rtcCos
__vbaCyAbs
__vbaLsetFixstrFree
__vbaVarTextLikeVar
__vbaFreeObjList
__vbaHresultCheckNonvirt
__vbaCyForNext
__vbaLdZeroAry
EbGetErrorInfo
__vbaLateIdStAd
__vbaCyErrVar
__vbaMidStmtVar
__vbaCyMul
__vbaVarTextCmpGe
__vbaRsetFixstrFree
rtcGetDayOfMonth
__vbaLbound
EVENT_SINK_QueryInterface
__vbaPutFxStr3
TipInvokeMethod
rtcVarFromVar
__vbaStrUI1
GetMem2
Zombie_GetTypeInfoCount
__vbaVarTextTstGe
rtcMIRR
__vbaPut4
PutMemNewObj
BASIC_CLASS_AddRef
GetMem1
__vbaVarTextCmpNe
__vbaOnError

Sections

.rsrc
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 885KB - Virtual size: 884KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 15.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dd3b1eb850b2d0b54733a1eef999741

Headers

File Characteristics

Imports

kernel32

msvcp60

cryptnet

msvbvm60

Sections

.rsrc Size: 179KB - Virtual size: 179KB

.tls Size: 512B - Virtual size: 4KB

.text Size: 885KB - Virtual size: 884KB

.data Size: - Virtual size: 15.4MB

.rsrc
Size: 179KB - Virtual size: 179KB

.tls
Size: 512B - Virtual size: 4KB

.text
Size: 885KB - Virtual size: 884KB

.data
Size: - Virtual size: 15.4MB