5843ebd8b5a7d97e15128287729e6f68[.]bin

General

Target

5843ebd8b5a7d97e15128287729e6f68.bin
Size

131KB
MD5

a10d9c385e4aa1206c28b48c62870de6
SHA1

1d7ad3e0f33711b1fc52d812dfab62bd735e9546
SHA256

d68b97cce1b296a4fba281d33bb0e8d0770a416ae1186c4a77ad0c706a947bd1
SHA512

00cba678f5b594016595f991bd06c0d5988978127a1cef488c500001907f4228ef709461d8063061a1103ea99746510efcecfa63ebf851e9a5bff125d3b0eb81
SSDEEP

3072:XdA00yhn7VCpAj/hlm9Bsid+BpAUG3SttKxcWcOMf:Xdl0G7VI6/G9BsidWAU/tK1cOMf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b57caf233558da836f849071fbdb8a782ca51569ed8135f3ea6298d639ab571f.exe

Files

5843ebd8b5a7d97e15128287729e6f68.bin
.zip

Password: infected
b57caf233558da836f849071fbdb8a782ca51569ed8135f3ea6298d639ab571f.exe
.exe windows x86

Password: infected

8a9e343ef02b2796ce6de11d3fa514ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaCyMul
__vbaFreeVar
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarTstLe
__vbaCyErrVar
__vbaVarPow
__vbaExitProc
ord300
__vbaCyAdd
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaCyStr
ord306
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
DllFunctionCall
__vbaCySub
_adj_fpatan
__vbaR8Cy
__vbaStrR8
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord714
ord608
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaR8Str
__vbaNew2
__vbaCyMulI2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaFpCy
ord610
__vbaStrToAnsi
__vbaVarDup
__vbaVarTstGe
__vbaVarCopy
_CIatan
__vbaCastObj
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaStrCy
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 672KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

8a9e343ef02b2796ce6de11d3fa514ae

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 672KB - Virtual size: 670KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 672KB - Virtual size: 670KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB