General

Malware Config

Signatures

Files

• 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3.7z

  .7z

  Password: infected

• 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3

  .exe windows x86

  Password: infected

  1b51de3a45ab89aedf844c08e5f6069b

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvbvm60

  _CIcos

  _adj_fptan

  __vbaFreeVar

  __vbaFreeVarList

  _adj_fdiv_m64

  _adj_fprem1

  ord518

  __vbaStrCat

  __vbaHresultCheckObj

  __vbaLenBstrB

  _adj_fdiv_m32

  ord595

  _adj_fdiv_m16i

  _adj_fdivr_m16i

  ord707

  __vbaFpR8

  _CIsin

  __vbaChkstk

  EVENT_SINK_AddRef

  __vbaStrCmp

  ord529

  ord561

  __vbaObjVar

  ord672

  _adj_fpatan

  ord677

  EVENT_SINK_Release

  _CIsqrt

  EVENT_SINK_QueryInterface

  __vbaExceptHandler

  _adj_fprem

  _adj_fdivr_m64

  ord531

  __vbaFPException

  _CIlog

  ord646

  __vbaNew2

  _adj_fdiv_m32i

  _adj_fdivr_m32i

  _adj_fdivr_m32

  _adj_fdiv_r

  ord100

  __vbaVarTstNe

  __vbaLateMemCall

  __vbaVarDup

  _CIatan

  __vbaUI1Str

  __vbaStrMove

  ord618

  _allmul

  ord651

  _CItan

  _CIexp

  __vbaFreeObj

  __vbaFreeStr

  Sections

  .text

  Size: 60KB - Virtual size: 58KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 52KB - Virtual size: 50KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ