a56b2930771d12e7b5a5546ad02733229c17f28a17b4c663e56d2626849a6297

General

Target

a56b2930771d12e7b5a5546ad02733229c17f28a17b4c663e56d2626849a6297
Size

1.7MB
MD5

e4cb7631e7fbee9431c16fd0f442b1d1
SHA1

b3fdaf3e9ed85663ee064238842d5f6a20355475
SHA256

a56b2930771d12e7b5a5546ad02733229c17f28a17b4c663e56d2626849a6297
SHA512

79600efd63aa433b4efdb8535fb0d789c4f925c09068e5850cdbbba57b6ec7939534bf96ba8489e2b5afb5e22dce499a65ac9c5ccf2ad960d25238923b8bb7a7
SSDEEP

24576:+Uc3wAmB+2VER9XlWF3JPS7jpJLS0TwzYnQBjBPCPbSPro2BMR1FLbn1f9AbX:qWM2VwgF3FS77PwpqbcoBTFLbnh6L

Score

N/A

Malware Config

Signatures

Files

a56b2930771d12e7b5a5546ad02733229c17f28a17b4c663e56d2626849a6297
.cab
DUPPAXHC.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 510KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMRTIN~1.EXE
.exe windows x86

fff6b67884aa97cf6713555472fcc047

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord626
ord666
ord667
ord595
ord598
ord632
ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord712
ord606
ord607
ord608
ord716
ord717
ProcCallEngine
ord535
ord537
ord644
ord570
ord681
ord685
ord100
ord616
ord617
ord618

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 510KB - Virtual size: 509KB

DATA Size: 22KB - Virtual size: 22KB

BSS Size: - Virtual size: 12KB

.idata Size: 10KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 34KB - Virtual size: 33KB

.rsrc Size: 55KB - Virtual size: 55KB

fff6b67884aa97cf6713555472fcc047

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 56KB - Virtual size: 52KB

.data Size: - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 2KB

CODE
Size: 510KB - Virtual size: 509KB

DATA
Size: 22KB - Virtual size: 22KB

BSS
Size: - Virtual size: 12KB

.idata
Size: 10KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 34KB - Virtual size: 33KB

.rsrc
Size: 55KB - Virtual size: 55KB

.text
Size: 56KB - Virtual size: 52KB

.data
Size: - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 2KB