General

Malware Config

Signatures

Files

• a1809e923de6cae635be84aa94afa7b7.bin

  .zip

  Password: infected

• fffabbf5eb28e080d666156800c4d0a7ca5c986559fc5c3cc632155d12801fb4.zip

  .zip

  Password: infected

• INF_NEFT_Debit.zip

  .zip

  Password: infected

• INF_NEFT_Debit.bat

  .exe windows:4 windows x86

  Password: infected

  561c18361eb724808a2d9ecd5f5cc217

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvbvm60

  ord690

  ord696

  ord698

  MethCallEngine

  ord516

  ord518

  ord626

  ord519

  ord667

  ord591

  ord593

  ord594

  ord595

  ord596

  ord598

  ord520

  ord631

  ord632

  ord525

  ord526

  EVENT_SINK_AddRef

  ord527

  ord528

  ord529

  DllFunctionCall

  ord563

  ord670

  ord564

  EVENT_SINK_Release

  ord600

  ord601

  EVENT_SINK_QueryInterface

  __vbaExceptHandler

  ord711

  ord712

  ord713

  ord714

  ord607

  ord608

  ord716

  ord717

  ProcCallEngine

  ord644

  ord537

  ord645

  ord648

  ord570

  ord573

  ord681

  ord576

  ord685

  ord100

  ord689

  ord616

  ord617

  ord618

  ord619

  ord581

  Sections

  .text

  Size: 2.0MB - Virtual size: 2.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 264KB - Virtual size: 262KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ