Brontok (2)[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Brontok (2).zip
Size

211KB
MD5

745c42dc17137367d55fe2cac3707e36
SHA1

081e0841c0ffbeb36c6534b48007795f72e3f3a9
SHA256

0cc7b2078e97c25e045321e1ee896c2a602a5e80efc959ac133637864b7f48e4
SHA512

52d9a95280ab1d24110473bfc603d4760ec3a58e18ee6203360491d126ecae98a504b10f75e7de522f58b02525ef4dafe612f08ced07031cfb6436b49798ccf8
SSDEEP

6144:UvwCbNa4hyK5am3q7jjrpAuzR7lmME3sIYj3:bI1yKIma79v7lgYD

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/18aa10fd9b9bf66546b7d28eba2d21ea60becb4eaa8c5ef805a5e28471907f58.exe
unpack001/70d98b736c32160617e8e272c2f5b2c10c72789fe40e27ec16f94ffa09394cd7.exe

Files

Brontok (2).zip
.zip
18aa10fd9b9bf66546b7d28eba2d21ea60becb4eaa8c5ef805a5e28471907f58.exe
.exe windows

a5022d570c8b3be0ba1a259795dce999

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaPut3
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaAryRecMove
ord621
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaResume
__vbaStrCat
__vbaError
__vbaLsetFixstr
__vbaBoolErrVar
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryDestruct
ord593
__vbaVarForInit
__vbaExitProc
ord594
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord599
__vbaStrFixstr
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord709
__vbaVargVarMove
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
ord529
__vbaAryConstruct2
__vbaPutOwner3
__vbaVarTstEq
__vbaCyI4
DllFunctionCall
__vbaVarOr
__vbaFpUI1
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
__vbaUI1I2
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaFpCmpCy
__vbaExceptHandler
__vbaStrToUnicode
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
ord607
__vbaVarDiv
ord608
ord531
__vbaFPException
__vbaInStrVar
ord717
ord532
__vbaUbound
__vbaGetOwner3
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaInStr
ord648
ord570
__vbaR8Str
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord578
ord685
ord100
__vbaVarTstNe
ord579
__vbaI4Var
__vbaVarCmpEq
__vbaAryLock
__vbaVarAdd
__vbaStrComp
__vbaStrToAnsi
__vbaVarDup
ord612
__vbaVarCopy
__vbaFpI4
ord616
ord617
_CIatan
ord618
__vbaStrMove
__vbaCastObj
ord619
ord543
_allmul
__vbaAryRecCopy
_CItan
__vbaAryUnlock
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaRecAssign
__vbaFreeObj
__vbaFreeStr
ord580
ord581

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
70d98b736c32160617e8e272c2f5b2c10c72789fe40e27ec16f94ffa09394cd7.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

DAQ
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 41KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5022d570c8b3be0ba1a259795dce999

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 80KB - Virtual size: 79KB

.sdata Size: 28KB - Virtual size: 28KB

Size: 120KB - Virtual size: 120KB

Headers

File Characteristics

Sections

DAQ Size: - Virtual size: 144KB

�uۊ�� Size: 41KB - Virtual size: 100KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 80KB - Virtual size: 79KB

.sdata
Size: 28KB - Virtual size: 28KB

DAQ
Size: - Virtual size: 144KB

�uۊ��
Size: 41KB - Virtual size: 100KB