839abe7006407891d3c6493d30fab68b[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

839abe7006407891d3c6493d30fab68b.bin
Size

29KB
MD5

06c59727eff8262f6fbb892b0ee847f1
SHA1

e8530856d3ed3eed5b5fdf21af351ebfbb6d9b57
SHA256

fb1c7fc466a7df43801828e75fa571868ace0514390703c7d038325b3fd72ec4
SHA512

c17eee96b5983cb9cbfa7f3c71f85d48d2fa2d8ecbadd692eb8a914f94458f6da12525e63bef4d4dba38f504cc0f86500cf9361a6b6cda6e0bdf453af2c360c0
SSDEEP

768:SmNxtfu8K38KXvO0D6d1BBKiBPSNudoCzPmOpoGTp:SyfBKXW0D6d17BENNC1Bp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/555624bc6b20024f54c2065d552fd8fd448daa83578a472b7a231c58e0277d33.exe

Files

839abe7006407891d3c6493d30fab68b.bin
.zip

Password: infected
555624bc6b20024f54c2065d552fd8fd448daa83578a472b7a231c58e0277d33.exe
.exe windows x86

Password: infected

3e847ec4ad926dd89c2f4cb28d036c11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord519
ord626
ord666
ord667
Zombie_GetTypeInfo
ord591
ord593
ord300
ord594
ord301
ord302
ord303
ord598
ord306
ord307
ord308
ord309
ord631
ord709
ord632
ord525
ord526
EVENT_SINK_AddRef
ord527
ord528
ord529
DllFunctionCall
ord563
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord314
ord606
ord713
ord315
ord714
ord607
ord316
ord608
ord716
ord531
ord532
ord717
ord319
ProcCallEngine
ord535
ord536
ord537
ord644
ord645
ord648
ord572
ord576
ord578
ord685
ord100
ord320
ord321
ord616
ord617
ord618
ord619
ord650

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ