Static task
static1
Behavioral task
behavioral1
Sample
4265d72df1c6e9a75f03336ba0eb340f.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
4265d72df1c6e9a75f03336ba0eb340f.exe
Resource
win10v2004-20231215-en
General
-
Target
4265d72df1c6e9a75f03336ba0eb340f
-
Size
15.0MB
-
MD5
4265d72df1c6e9a75f03336ba0eb340f
-
SHA1
ab765ca9c308e5bd74bd352af5b168ec001677bf
-
SHA256
6b77c4ca57ed19f79ec3674ba25767759d682341e4dca0ef71b7d9dab984ba37
-
SHA512
b3ede3766cb2b3c16d989e05c80f5f196d755f06d11e253df0430e1b6ef299674af6f34821e2e0913366692b08fcbe2dbef41d6f22a47af0a02af90b73cabd45
-
SSDEEP
393216:cuTIQYnfu6/lAQ5omnTMbWTThqs1MJTVkIvk+xMySTt5CwC:cHu6/RxTMhbTOdRfTte
Malware Config
Signatures
-
Unsigned PE 1 IoCs
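Static check: the PE file carries no Authenticode signature. Unsigned binaries are common among benign software as well, so weigh this finding together with the header, import and section data below rather than on its own.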
resource 4265d72df1c6e9a75f03336ba0eb340f
Files
-
4265d72df1c6e9a75f03336ba0eb340f.exe windows:4 windows x86 arch:x86
be78dace8431d28b315928c8f63ec140
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvbvm60
EbGetErrorInfo
rtcSplit
rtcMIRR
rtcGetDayOfMonth
__vbaVarTextTstGe
rtcGetTimeVar
TipInvokeMethod
__vbaLateIdStAd
TipUnloadProject
__vbaHresultCheckNonvirt
__vbaPut4
__vbaCyErrVar
__vbaOnError
__vbaLsetFixstrFree
__vbaStrUI1
PutMemNewObj
GetMem1
EVENT_SINK_QueryInterface
__vbaMidStmtVar
Zombie_GetTypeInfoCount
__vbaVarCmpGt
__vbaPutFxStr3
__vbaLbound
_CIlog
__vbaVarZero
rtcCos
__vbaRsetFixstrFree
__vbaAryRebase1Var
__vbaLdZeroAry
rtcBstrFromAnsi
__vbaCyForNext
__vbaCyMul
__vbaCyAbs
__vbaVarTextTstEq
rtcVarFromVar
__vbaVarTextCmpNe
__vbaVarTextLikeVar
BASIC_CLASS_AddRef
__vbaFreeObjList
rtcSendKeys
rtDecFromVar
__vbaR4Sgn
GetMem2
__vbaR8IntI4
__vbaVarTextCmpGe
__vbaStrToUnicode
cryptnet
I_CryptNetGetHostNameFromUrl
DllRegisterServer
CertDllVerifyCTLUsage
CryptCancelAsyncRetrieval
CertDllVerifyRevocation
I_CryptNetEnumUrlCacheEntry
LdapProvOpenStore
CryptFlushTimeValidObject
CryptGetObjectUrl
CryptGetTimeValidObject
I_CryptNetGetUserDsStoreUrl
CryptInstallCancelRetrieval
CryptRetrieveObjectByUrlW
CryptRetrieveObjectByUrlA
CryptUninstallCancelRetrieval
DllUnregisterServer
kernel32
CreateFileA
LoadLibraryExA
GetOverlappedResult
EscapeCommFunction
RequestDeviceWakeup
CompareFileTime
GetDateFormatA
GetConsoleAliasExesLengthA
SignalObjectAndWait
IsBadHugeWritePtr
CreateDirectoryExA
HeapQueryInformation
LoadLibraryA
DnsHostnameToComputerNameA
GetVolumeInformationW
PrivMoveFileIdentityW
GetLocaleInfoA
QueueUserAPC
VirtualFreeEx
GetAtomNameW
CreateMutexW
GetDiskFreeSpaceW
IsDBCSLeadByteEx
GetProcAddress
GetVDMCurrentDirectories
GetStdHandle
EnumUILanguagesA
HeapWalk
WriteFileGather
VirtualUnlock
_lcreat
MulDiv
TlsFree
MultiByteToWideChar
SetEnvironmentVariableA
GetConsoleAliasesLengthW
SetConsoleCP
GetLastError
ResetWriteWatch
SetTapePosition
FlushConsoleInputBuffer
Process32First
VirtualAlloc
GetProfileStringW
CreateFiberEx
SwitchToFiber
Thread32Next
Heap32Next
DeleteFiber
GetPrivateProfileSectionNamesW
msvcp60
_Toupper
Sections
.rsrc Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 707KB - Virtual size: 707KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 14.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE