582e9c125ab1e341999cd2a1c6647dc8a8b21482fd762834e5d3b845744e13f5

Sharing

Copy URL Twitter E-mail

General

Target

582e9c125ab1e341999cd2a1c6647dc8a8b21482fd762834e5d3b845744e13f5
Size

13.0MB
MD5

3cff9e0a9344b6f1aa6f971dcb4ff44e
SHA1

4a2da8c7da995b8e7578215a68809a27bac2cd32
SHA256

582e9c125ab1e341999cd2a1c6647dc8a8b21482fd762834e5d3b845744e13f5
SHA512

ac1a2e0e5ffdcbefd963454358bc41e4da93c410579443a1189eb6e8693b228fa663d2beaad6e9d73ba7e2b46c1005cd47603b742acc6b61f2ae6b200020a5d7
SSDEEP

393216:5XasMr+bcOaK33Oo+sG8muOEzcNBIbGtfVhg9lbC+eeIViumiqX3f95IkPkitW4T:5qsMCpaK33Oo+sVmuOEzcNBIbGtfVhgP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
582e9c125ab1e341999cd2a1c6647dc8a8b21482fd762834e5d3b845744e13f5

Files

582e9c125ab1e341999cd2a1c6647dc8a8b21482fd762834e5d3b845744e13f5
.exe windows:4 windows x86 arch:x86

e4ba51877621c2c7524c3db592d2f027

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

DllFunctionCall
EVENT_SINK2_AddRef
EVENT_SINK2_Release
EVENT_SINK_AddRef
EVENT_SINK_GetIDsOfNames
EVENT_SINK_Invoke
EVENT_SINK_QueryInterface
EVENT_SINK_Release
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
VarPtr
Zombie_GetTypeInfo
Zombie_GetTypeInfoCount
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAryConstruct2
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryUnlock
__vbaAryVar
__vbaBoolStr
__vbaBoolVar
__vbaBoolVarNull
__vbaCVarAryUdt
__vbaCastObj
__vbaCastObjVar
__vbaChkstk
__vbaDateR8
__vbaDateStr
__vbaDateVar
__vbaEnd
__vbaErase
__vbaErrorOverflow
__vbaExceptHandler
__vbaExitProc
__vbaFPException
__vbaFPInt
__vbaFileClose
__vbaFileOpen
__vbaFixstrConstruct
__vbaForEachCollObj
__vbaFpCDblR4
__vbaFpI2
__vbaFpI4
__vbaFpR4
__vbaFpR8
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaFreeVarg
__vbaGenerateBoundsError
__vbaGetOwner3
__vbaHresultCheckObj
__vbaI2Abs
__vbaI2ErrVar
__vbaI2I4
__vbaI2Str
__vbaI2Var
__vbaI4Abs
__vbaI4ErrVar
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaInStrVar
__vbaInputFile
__vbaLateIdCall
__vbaLateIdCallLd
__vbaLateIdCallSt
__vbaLateIdSt
__vbaLateIdStAd
__vbaLateMemCall
__vbaLateMemCallLd
__vbaLateMemSt
__vbaLenBstr
__vbaLenVar
__vbaLenVarB
__vbaLineInputStr
__vbaLsetFixstr
__vbaNew
__vbaNew2
__vbaNextEachCollObj
__vbaObjIs
__vbaObjSet
__vbaObjSetAddref
__vbaObjVar
__vbaOnError
__vbaOnGoCheck
__vbaPrintFile
__vbaPrintObj
__vbaPutOwner3
__vbaR4Str
__vbaR4Var
__vbaR8ErrVar
__vbaR8IntI4
__vbaR8Str
__vbaR8Var
__vbaRaiseEvent
__vbaRecAssign
__vbaRecDestruct
__vbaRedim
__vbaRedimPreserve
__vbaRefVarAry
__vbaResume
__vbaSetSystemError
__vbaStrBool
__vbaStrCat
__vbaStrCmp
__vbaStrCopy
__vbaStrErrVarCopy
__vbaStrI2
__vbaStrI4
__vbaStrMove
__vbaStrR4
__vbaStrR8
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrUI1
__vbaStrVarCopy
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1I2
__vbaUI1I4
__vbaUI1Var
__vbaUbound
__vbaVar2Vec
__vbaVarAbs
__vbaVarAdd
__vbaVarAnd
__vbaVarCat
__vbaVarCmpEq
__vbaVarCmpGe
__vbaVarCmpGt
__vbaVarCmpLe
__vbaVarCmpLt
__vbaVarCmpNe
__vbaVarCopy
__vbaVarDiv
__vbaVarDup
__vbaVarForInit
__vbaVarForNext
__vbaVarIdiv
__vbaVarIndexLoad
__vbaVarIndexLoadRef
__vbaVarIndexLoadRefLock
__vbaVarIndexStore
__vbaVarInt
__vbaVarLateMemCallLd
__vbaVarLateMemCallLdRf
__vbaVarLateMemCallSt
__vbaVarLateMemSt
__vbaVarMove
__vbaVarMul
__vbaVarNeg
__vbaVarNot
__vbaVarOr
__vbaVarSetObj
__vbaVarSetObjAddref
__vbaVarSetVar
__vbaVarSub
__vbaVarTstEq
__vbaVarTstGe
__vbaVarTstGt
__vbaVarTstLe
__vbaVarTstLt
__vbaVarTstNe
__vbaVarVargNofree
__vbaVarZero
__vbaVargVarCopy
__vbaVargVarMove
__vbaVerifyVarObj
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtcAnsiValueBstr
rtcBeep
rtcBstrFromAnsi
rtcCharValueBstr
rtcCreateObject2
rtcDateAdd
rtcDateDiff
rtcDatePart
rtcDir
rtcDoEvents
rtcEndOfFile
rtcErrObj
rtcFileCopy
rtcFileLen
rtcFileLength
rtcFreeFile
rtcGetDateValue
rtcGetDateVar
rtcGetDayOfMonth
rtcGetMonthOfYear
rtcGetPresentDate
rtcGetSetting
rtcGetTimeVar
rtcGetTimer
rtcGetYear
rtcHexVarFromVar
rtcImmediateIf
rtcInputBox
rtcIsDate
rtcIsEmpty
rtcIsMissing
rtcIsNull
rtcKillFiles
rtcLeftCharVar
rtcLeftTrimVar
rtcLowerCaseVar
rtcMakeDir
rtcMidCharVar
rtcMsgBox
rtcQBColor
rtcR8ValFromBstr
rtcReplace
rtcRgb
rtcRightCharVar
rtcRound
rtcSaveSetting
rtcSendKeys
rtcShell
rtcSpaceVar
rtcSplit
rtcStrConvVar2
rtcStringVar
rtcTrimVar
rtcUpperCaseVar
rtcVarBstrFromAnsi
rtcVarFromFormatVar
rtcVarStrFromVar

Sections

.text
Size: 12.9MB - Virtual size: 13.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e4ba51877621c2c7524c3db592d2f027

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 12.9MB - Virtual size: 13.3MB

.idata Size: 6KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 12.9MB - Virtual size: 13.3MB

.idata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 4KB