General

Malware Config

Signatures

Files

• 94729e2f3839b40af5d038286ca722c4.bin

  .zip

  Password: infected

• c73d7b6c2df6f9004307cf888b4c636c07dc3accb0eef34f5b0827fcc715bf42.zip

  .zip

  Password: infected

• E-FILLING FORM B.zip

  .zip

  Password: infected

• E-FILLING FORM B.bat

  .exe windows:4 windows x86

  Password: infected

  67a5ce7c8e5c25b362b22ebccab00cb1

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvbvm60

  ord690

  ord696

  ord698

  MethCallEngine

  ord516

  ord518

  ord626

  ord519

  ord667

  ord591

  ord593

  ord594

  ord595

  ord596

  ord598

  ord520

  ord631

  ord632

  ord525

  ord526

  EVENT_SINK_AddRef

  ord528

  ord529

  DllFunctionCall

  ord563

  ord670

  ord564

  EVENT_SINK_Release

  ord600

  ord601

  EVENT_SINK_QueryInterface

  __vbaExceptHandler

  ord711

  ord712

  ord606

  ord713

  ord714

  ord607

  ord608

  ord716

  ord717

  ord534

  ProcCallEngine

  ord644

  ord537

  ord645

  ord648

  ord570

  ord573

  ord681

  ord576

  ord685

  ord100

  ord689

  ord616

  ord617

  ord618

  ord619

  ord650

  ord652

  ord581

  Sections

  .text

  Size: 2.0MB - Virtual size: 2.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 264KB - Virtual size: 261KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ