7401e05850e63ed9ea8f11d1d6e40439

Sharing

Copy URL Twitter E-mail

General

Target

7401e05850e63ed9ea8f11d1d6e40439
Size

152KB
MD5

7401e05850e63ed9ea8f11d1d6e40439
SHA1

8822ff6a7f43621484afa1e69c58ec6c86d69402
SHA256

07ff84ffdfa0b14560077dad63ae15b990ee0cf621dced20198da63be1090f0f
SHA512

5619896d85f594eb2f4e318c1771335201511d9c43ed3d7cad84056567c4dab842c65ed92ff402a49a06ac79d877826075ae0d031611d8bdae6cd1a66d6885e0
SSDEEP

3072:w0znI8fdTWCi+Pc4LGY7n61rAvRycEo/AwBy00jQyJr2z2Be76iHkeLzfkeZ8:lI8kXFcL61rAZyNwBITB2v6iDf8

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/aysMH告别版.exe
unpack001/aysSET.exe

Files

7401e05850e63ed9ea8f11d1d6e40439
.rar
aysMH告别版.exe
.exe windows:4 windows x86 arch:x86

ddd9f81f0230b14e1c294699a82ba8c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaPut4
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaGet4
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFPException
ord645
_CIlog
__vbaFileOpen
__vbaR8Str
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord617
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaUI1Var
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aysSET.exe
.exe windows:4 windows x86 arch:x86

a18fb99af5d115a34255909c30c8a35f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaAryMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord666
__vbaAryDestruct
__vbaExitProc
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord309
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaPutOwner3
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaI2Str
__vbaFPException
ord717
__vbaStrVarVal
__vbaVarCat
ord534
ord645
_CIlog
__vbaFileOpen
__vbaVar2Vec
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarDup
__vbaStrToAnsi
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 320KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aysmh.ini
readME.txt

Sharing

General

Malware Config

Signatures

Files

ddd9f81f0230b14e1c294699a82ba8c7

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 32KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

a18fb99af5d115a34255909c30c8a35f

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 56KB - Virtual size: 52KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 320KB - Virtual size: 317KB

.text
Size: 32KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 52KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 320KB - Virtual size: 317KB