da09492c0f6c9103e86ef8895dfa0c3eb70f4e846dd793c0c51f5cff9691f315

Sharing

Copy URL

Twitter E-mail

General

Target

da09492c0f6c9103e86ef8895dfa0c3eb70f4e846dd793c0c51f5cff9691f315
Size

3.2MB
MD5

59d0ce31add39ae72c9ed19f4296bf6d
SHA1

584d653d55ce523703fd8e3c6cace192be5ec269
SHA256

da09492c0f6c9103e86ef8895dfa0c3eb70f4e846dd793c0c51f5cff9691f315
SHA512

65665f1d17a946748ee5cc6fd6e3f81c68fcae925cc6f3a462bcd79261efe300b947eff0da14d53fbc18b50609d630f978887f0b55040386b6edd08461f364c1
SSDEEP

98304:fPCZYc/ZfVs7bW4L3X0tN3NZoS8XFI7EI:fPCZYc/ZfVs7bW4L3X0tN3NZoS8XFI7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da09492c0f6c9103e86ef8895dfa0c3eb70f4e846dd793c0c51f5cff9691f315

Files

da09492c0f6c9103e86ef8895dfa0c3eb70f4e846dd793c0c51f5cff9691f315
.exe windows x86

258ae478be6e5e317130d4dbf34720d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

rtcSin
__vbaVarSub
__vbaVarTstGt
rtcCos
__vbaStrI2
rtcTan
_CIcos
_adj_fptan
rtcAtn
__vbaVarMove
__vbaStrI4
rtcExp
__vbaVarVargNofree
rtcLog
__vbaFreeVar
rtcRgb
__vbaLineInputStr
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
rtcAnsiValueBstr
__vbaR8Sgn
__vbaStrErrVarCopy
_adj_fprem1
rtcTrimBstr
__vbaResume
__vbaVarCmpNe
__vbaStrCat
__vbaError
rtcVarFromFormatVar
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
__vbaVargVarCopy
_adj_fdiv_m32
__vbaVarTstLe
__vbaVarCmpGe
__vbaAryDestruct
__vbaVarForInit
__vbaVarPow
__vbaExitProc
GetMem2
__vbaI4Abs
__vbaFileCloseAll
__vbaOnError
__vbaObjSet
rtcMsgBox
_adj_fdiv_m16i
GetMemStr
__vbaObjSetAddref
_adj_fdivr_m16i
rtcDoEvents
rtcSendKeys
__vbaFpR4
PutMem2
rtcTrimVar
PutMemStr
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
rtcMidCharBstr
__vbaErase
__vbaVargVarMove
__vbaVarCmpGt
rtcMidCharVar
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaVarAbs
__vbaGenerateBoundsError
rtcUpperCaseVar
rtcKillFiles
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarLateMemSt
__vbaVarOr
__vbaCastObjVar
__vbaStrR4
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
EVENT_SINK_Release
rtcShell
_CIsqrt
__vbaLateIdCallSt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
__vbaStrToUnicode
__vbaPrintFile
__vbaInputFile
__vbaR4ErrVar
rtcStringBstr
_adj_fprem
_adj_fdivr_m64
rtcRound
__vbaVarDiv
rtcVarBstrFromAnsi
rtcChangeDir
rtcCreateObject2
rtcMakeDir
rtcGetDateBstr
__vbaVarCmpLe
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
__vbaStopExe
rtcBstrFromAnsi
rtcDir
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaR8Str
rtcFreeFile
__vbaNew2
__vbaVarInt
rtcEndOfFile
_adj_fdiv_m32i
_adj_fdivr_m32i
rtcHexVarFromVar
__vbaStrCopy
__vbaI4Str
__vbaVarNot
__vbaFreeStrList
__vbaVarCmpLt
_adj_fdivr_m32
__vbaR8Var
__vbaPowerR8
_adj_fdiv_r
rtcErrObj
ThunRTMain
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
rtcGetDateVar
__vbaLateMemCall
__vbaAryLock
rtcGetTimeBstr
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
rtcVarStrFromVar
rtcSqr
__vbaFpI2
__vbaVarLateMemCallLd
__vbaVarTstGe
rtcLeftCharBstr
__vbaFpI4
__vbaVarCopy
__vbaR8IntI2
__vbaLateMemCallLd
rtcLeftCharVar
_CIatan
rtcRightCharBstr
__vbaCastObj
__vbaStrMove
__vbaStrVarCopy
rtcRightCharVar
__vbaVarNeg
rtcBstrFromFormatVar
_allmul
__vbaLateIdSt
rtcVarFromError
_CItan
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaMidStmtBstr
__vbaFreeStr
__vbaFreeObj
rtcR8ValFromBstr

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.impr
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

258ae478be6e5e317130d4dbf34720d2

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.data Size: 70KB - Virtual size: 4.1MB

.impr Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 70KB - Virtual size: 4.1MB

.impr
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB