0af62400eca10a0f7418f89531229287

Sharing

Copy URL Twitter E-mail

General

Target

0af62400eca10a0f7418f89531229287
Size

831KB
MD5

0af62400eca10a0f7418f89531229287
SHA1

c06e1985f5a20fafa5c81cca7c50c7a506fb5139
SHA256

a65efc59322b0fa102d73a2aa0a9145d0d3a45060a5d4365f928f897d9b9cdcb
SHA512

766b06ceb769858f0d31b378f92826a217142b7fd08a1a7ea5e6dccc763c57c229463c56b572fbec21eedc6454c6ec2abd6aff2ffe4dc597fb698c5a6a813452
SSDEEP

24576:KpK0riKiRIh6SSKjbwKUoOwiE4+/9+dBXFrP4t6:FmiSMSSK/fVj4+/9+dB1r86

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/VB5CHS.DLL
unpack001/kssy2303s.exe
unpack001/msvbvm50.dll

Files

0af62400eca10a0f7418f89531229287
.rar
VB5CHS.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kssy2303s.exe
.exe windows:4 windows x86 arch:x86

87b324a67e18fb2e1d12308b06fa8d4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
msvbvm50.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0615e9c25da62e90a31fe72638c8f4fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileA
ReadFile
LockFile
RemoveDirectoryA
CreateDirectoryA
UnlockFile
HeapSize
GetStringTypeW
FlushFileBuffers
TerminateProcess
HeapFree
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetTimeZoneInformation
LockResource
ExitThread
RaiseException
GetTempFileNameA
lstrcpynA
GetLastError
_lclose
_llseek
FreeLibrary
GetLocaleInfoA
lstrcpyA
GetModuleHandleA
GetSystemDefaultLangID
FormatMessageA
TlsGetValue
HeapCreate
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
IsBadReadPtr
MulDiv
lstrcmpiA
GetTickCount
GetCurrentThreadId
lstrcmpA
lstrlenA
HeapAlloc
CreateThread
SetEnvironmentVariableA
LCMapStringW
GetStringTypeA
CompareStringW
FileTimeToLocalFileTime
SetLocalTime
SetFileAttributesA
SetFileTime
FileTimeToSystemTime
GetFileTime
GetUserDefaultLangID
GetModuleFileNameW
GetLocalTime
CreateProcessW
RtlUnwind
GetDateFormatA
UnhandledExceptionFilter
FormatMessageW
GetStartupInfoA
SetCurrentDirectoryA
ExitProcess
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetDriveTypeA
FindClose
FindFirstFileA
FindNextFileA
VirtualAlloc
VirtualFree
GetSystemInfo
WinExec
VirtualProtect
FlushInstructionCache
SetFilePointer
WriteFile
SetEndOfFile
ResumeThread
GetCurrentProcess
DuplicateHandle
TlsFree
GetCommandLineA
TlsSetValue
lstrcmpiW
TlsAlloc
GetVersion
LoadLibraryExA
CreateProcessA
GetExitCodeProcess
MultiByteToWideChar
GetSystemTime
SystemTimeToFileTime
SetEvent
WaitForSingleObject
ResetEvent
GetCurrentProcessId
CloseHandle
CreateEventA
IsBadCodePtr
FreeResource
GetSystemDefaultLCID
LoadLibraryA
GetUserDefaultLCID
GetSystemDirectoryA
Sleep
GetProcAddress
GetVersionExA
SetErrorMode
GlobalDeleteAtom
HeapDestroy
LCMapStringA
GlobalAddAtomA
ReleaseSemaphore
GetProfileStringA
CreateSemaphoreA
VirtualQuery
CompareStringA
WideCharToMultiByte
HeapReAlloc
GetCurrentDirectoryA
lstrcatA
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
SearchPathA
GetFileType
SetLastError
CreateFileA
GlobalFree
DeleteFileA
GlobalUnlock
SizeofResource
FindResourceA
LoadResource
GlobalHandle
GlobalAlloc
GlobalSize
_lwrite
GlobalReAlloc
GlobalLock
GetTempPathA
_lread
GetWindowsDirectoryA
SetHandleCount
GetStdHandle
GetCPInfo

user32

DdeConnect
DdePostAdvise
DdeClientTransaction
DdeAbandonTransaction
DdeGetData
DdeGetLastError
DdeCreateDataHandle
DdeCmpStringHandles
SetCursorPos
EnumClipboardFormats
DestroyCursor
GetAsyncKeyState
WaitForInputIdle
GetForegroundWindow
keybd_event
VkKeyScanW
SetWindowsHookExW
CharUpperBuffW
CharUpperBuffA
CharLowerBuffW
FindWindowW
FindWindowA
GetLastActivePopup
GetClassInfoExA
LoadIconA
RegisterClassExA
FrameRect
CreateDialogParamA
IsRectEmpty
IsDialogMessageA
ShowCursor
OemToCharA
CharToOemBuffA
LoadAcceleratorsA
BringWindowToTop
GetClipboardFormatNameA
DrawTextA
SetWindowTextA
SendDlgItemMessageA
SetDlgItemTextA
GetWindowTextA
EndDialog
LoadBitmapA
CallNextHookEx
DispatchMessageA
MsgWaitForMultipleObjects
WaitMessage
PostQuitMessage
GetKeyboardLayout
UnhookWindowsHookEx
RegisterClipboardFormatA
CreateCursor
CreateIcon
PostMessageW
PeekMessageW
GetPropA
RemovePropA
SetPropA
CharUpperA
ClipCursor
GetKeyState
DefFrameProcA
GetDlgItem
IsWindow
UnregisterClassA
RegisterClassA
DestroyWindow
AdjustWindowRect
GetTabbedTextExtentA
TabbedTextOutA
GetUpdateRect
FillRect
CharToOemA
LoadStringA
MessageBoxA
wsprintfA
WinHelpA
GetSysColor
GetWindowDC
GetSystemMetrics
SetActiveWindow
DdeSetUserHandle
DdeDisconnect
EqualRect
CopyRect
AdjustWindowRectEx
TranslateMDISysAccel
GetMenuItemCount
GetMenuStringA
GetMenuState
AppendMenuA
IsCharAlphaA
GetCaretPos
CharPrevA
CharNextA
ReleaseDC
GetDC
IntersectRect
GetUpdateRgn
BeginPaint
EndPaint
PtInRect
WindowFromPoint
ReleaseCapture
SetCapture
InflateRect
GetWindowRect
ScreenToClient
MoveWindow
IsWindowEnabled
GetActiveWindow
IsChild
SetParent
ClientToScreen
DrawFocusRect
GetMessageTime
GetMessagePos
CopyAcceleratorTableA
GetWindowRgn
GetMenuItemInfoA
SetMenuItemInfoA
GetKeyboardState
TranslateMessage
SetKeyboardState
GetQueueStatus
RemoveMenu
EnableMenuItem
MapWindowPoints
GetCursorPos
CallWindowProcA
GetDoubleClickTime
CreateMenu
GetClientRect
CreateWindowExA
SetWindowContextHelpId
InvalidateRect
DefWindowProcA
GetDesktopWindow
GetWindowThreadProcessId
SetForegroundWindow
MessageBeep
DefMDIChildProcA
IsZoomed
DestroyMenu
PeekMessageA
PostMessageA
IsIconic
UpdateWindow
SetWindowLongA
DrawMenuBar
GetWindowLongA
IsWindowVisible
EnableWindow
SetFocus
SendMessageA
ShowWindow
GetCapture
GetClassNameA
SetWindowsHookExA
LoadCursorA
SetCursor
GetWindow
GetParent
GetFocus
OffsetRect
SetWindowPos
GetSystemMenu
DdeUninitialize
DdeCreateStringHandleA
DdeNameService
DdeQueryConvInfo
DdeInitializeA
DdeFreeStringHandle
SetScrollRange
DdeQueryStringA
DdeFreeDataHandle
LockWindowUpdate
SetScrollPos
DrawFrameControl
SetClipboardData
CharLowerBuffA
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
OpenClipboard
SetCaretPos
CloseClipboard
GetCaretBlinkTime
DestroyCaret
GetWindowTextLengthA
HideCaret
GetScrollPos
CreateCaret
ShowCaret
ToAscii
SetRect
SetWindowRgn
ShowScrollBar
CreateAcceleratorTableA
DestroyAcceleratorTable
SubtractRect
EnumThreadWindows
SetScrollInfo
AttachThreadInput
InvalidateRgn
GetDCEx
DeleteMenu
TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
CreatePopupMenu
InsertMenuA
SetMenu
GetMenuItemID
GetMenu
SetTimer
CheckMenuItem
ModifyMenuA
GetIconInfo
KillTimer
GetCursor
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
CharLowerA
PostThreadMessageA
VkKeyScanA
DrawIcon
MessageBoxIndirectA
SystemParametersInfoA
DestroyIcon
DialogBoxParamA
GetClassInfoA
LoadImageA
GetScrollInfo

gdi32

CreateSolidBrush
CreatePen
SetBkColor
CreateHatchBrush
CreatePatternBrush
CreateBitmap
SetTextColor
OffsetRgn
CreateRectRgn
OffsetWindowOrgEx
PatBlt
SetBrushOrgEx
SelectObject
IntersectClipRect
SaveDC
RestoreDC
CombineRgn
SetRectRgn
Rectangle
SelectPalette
GetClipBox
RealizePalette
SetWindowOrgEx
ExcludeClipRect
SetROP2
GetTextMetricsA
EnumFontsA
CreateHalftonePalette
SetBkMode
GetROP2
TranslateCharsetInfo
BitBlt
CreateCompatibleDC
DeleteDC
GetObjectA
GetDeviceCaps
CreateCompatibleBitmap
CreateBrushIndirect
GetStockObject
CreatePenIndirect
MoveToEx
Arc
LineTo
Ellipse
SetStretchBltMode
Pie
ExtTextOutA
GetTextExtentPoint32A
GetPixel
CreateRectRgnIndirect
GetBitmapBits
SetPixelV
GetCurrentObject
GetTextExtentPointA
StretchDIBits
GetBkColor
StretchBlt
TextOutA
CreatePalette
EndDoc
CreateDIBitmap
StartPage
EndPage
AbortDoc
CreateDCA
ResetDCA
StartDocA
ScaleViewportExtEx
SetViewportExtEx
Escape
SetWindowExtEx
SetMapMode
SetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SelectClipRgn
SetAbortProc
PlayMetaFile
PtInRegion
DeleteEnhMetaFile
CreateFontIndirectA
GetEnhMetaFileHeader
ScaleWindowExtEx
PlayEnhMetaFile
GetPaletteEntries
CloseEnhMetaFile
GetWindowOrgEx
CreateICA
ExtCreateRegion
CreateEnhMetaFileA
GetWindowExtEx
GetViewportExtEx
GetDIBits
CopyMetaFileA
PathToRegion
CopyEnhMetaFileA
BeginPath
WidenPath
EndPath
GetMapMode
SetDIBColorTable
GetTextColor
RoundRect
CreateRoundRectRgn
CreateDIBSection
GetObjectType
GetSystemPaletteEntries
CreateEllipticRgnIndirect
DeleteObject
UnrealizeObject
GetNearestColor

advapi32

ReportEventA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
RegSetValueA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
DeregisterEventSource
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegEnumValueA
RegQueryValueExW
RegCreateKeyW

ole32

OleLoad
BindMoniker
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
OleLoadFromStream
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal
StringFromCLSID
StringFromGUID2
CLSIDFromProgID
ProgIDFromCLSID
CoGetClassObject
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
MkParseDisplayName
OleLockRunning
CreateILockBytesOnHGlobal
OleFlushClipboard
ReleaseStgMedium
OleQueryLinkFromData
OleQueryCreateFromData
OleIsCurrentClipboard
OleSetMenuDescriptor
OleSave
StgOpenStorage
OleDoAutoConvert
OleDuplicateData
OleRegGetUserType
CoIsOle1Class
OleSaveToStream
ReadClassStm
ReadClassStg
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
StgCreateDocfile
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleCreateFromData
OleCreateLinkFromData
OleGetIconOfClass
OleGetClipboard
OleSetClipboard
OleIsRunning
CreateBindCtx
OleCreateLink
OleCreateLinkToFile
GetClassFile
OleGetAutoConvert
OleRun
OleCreateFromFile
WriteClassStg
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoGetMalloc
IIDFromString
CoDisconnectObject
IsAccelerator

oleaut32

VariantClear
OleTranslateColor
SysFreeString
OleCreateFontIndirect
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreatePictureIndirect
SysAllocStringLen
VariantChangeType
OaBuildVersion
CreateErrorInfo
GetErrorInfo
SetErrorInfo
SysStringByteLen
CreateDispTypeInfo
DispGetParam
DispGetIDsOfNames
DispInvoke
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SafeArrayUnaccessData
SysAllocString
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayAccessData
VariantCopy
SafeArrayDestroy
SafeArrayCreate
VariantCopyInd
SafeArrayGetUBound
OleLoadPicture
SafeArrayGetElement
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayCopy
OleIconToCursor
SafeArrayRedim
SafeArrayDestroyDescriptor
SafeArrayAllocData
RevokeActiveObject
SafeArrayDestroyData
SafeArrayLock
SafeArrayAllocDescriptor
VariantChangeTypeEx
GetActiveObject
SafeArrayUnlock
VarR8FromStr
SysReAllocStringLen
VarDateFromStr
VarBstrFromI2
VarCyFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromI4
VarBstrFromCy
VarI2FromStr
VarBstrFromDate
VarI4FromR8
VarR4FromStr
VarI4FromStr
SysReAllocString
VarCyFromStr
LoadRegTypeLi
LHashValOfNameSysA

Exports

Exports

BASIC_CLASS_AddRef
BASIC_CLASS_GetIDsOfNames
BASIC_CLASS_Invoke
BASIC_CLASS_QueryInterface
BASIC_CLASS_Release
BASIC_DISPINTERFACE_GetTICount
BASIC_DISPINTERFACE_GetTypeInfo
CopyRecord
CreateIExprSrvObj
DLLGetDocumentation
DllFunctionCall
DllRegisterServer
DllUnregisterServer
EVENT_SINK2_AddRef
EVENT_SINK2_Release
EVENT_SINK_AddRef
EVENT_SINK_GetIDsOfNames
EVENT_SINK_Invoke
EVENT_SINK_QueryInterface
EVENT_SINK_Release
EbCreateContext
EbDestroyContext
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbIsProjectOnStack
EbLibraryLoad
EbLibraryUnload
EbLoadRunTime
EbResetProject
EbResetProjectNormal
EbSetContextWorkerThread
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
TipCreateInstanceEx
TipCreateInstanceProject
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipInvokeMethod2
TipSetOption
TipUnloadInstance
TipUnloadProject
UserDllMain
VBDllCanUnloadNow
VBDllGetClassObject
VBDllRegisterServer
VBDllUnRegisterServer
VarPtr
Zombie_AddRef
Zombie_GetIDsOfNames
Zombie_GetTypeInfo
Zombie_GetTypeInfoCount
Zombie_Invoke
Zombie_QueryInterface
Zombie_Release
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAptOffset
__vbaAryConstruct
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryRebase1Var
__vbaAryUnlock
__vbaAryVarVarg
__vbaBoolErrVar
__vbaBoolStr
__vbaBoolVar
__vbaBoolVarNull
__vbaCastObj
__vbaCastObjVar
__vbaCheckType
__vbaCheckTypeVar
__vbaChkstk
__vbaCopyBytes
__vbaCyAbs
__vbaCyAdd
__vbaCyErrVar
__vbaCyFix
__vbaCyForInit
__vbaCyForNext
__vbaCyI2
__vbaCyI4
__vbaCyInt
__vbaCyMul
__vbaCyMulI2
__vbaCySgn
__vbaCyStr
__vbaCySub
__vbaCyUI1
__vbaCyVar
__vbaDateR4
__vbaDateR8
__vbaDateStr
__vbaDateVar
__vbaDerefAry
__vbaDerefAry1
__vbaEnd
__vbaErase
__vbaEraseKeepData
__vbaEraseNoPop
__vbaError
__vbaErrorOverflow
__vbaExceptHandler
__vbaExitEachAry
__vbaExitEachColl
__vbaExitEachVar
__vbaExitProc
__vbaFPException
__vbaFPFix
__vbaFPInt
__vbaFailedFriend
__vbaFileClose
__vbaFileCloseAll
__vbaFileLock
__vbaFileOpen
__vbaFileSeek
__vbaFixstrConstruct
__vbaForEachAry
__vbaForEachCollAd
__vbaForEachCollObj
__vbaForEachCollVar
__vbaForEachVar
__vbaFpCDblR4
__vbaFpCDblR8
__vbaFpCSngR4
__vbaFpCSngR8
__vbaFpCmpCy
__vbaFpCy
__vbaFpI2
__vbaFpI4
__vbaFpR4
__vbaFpR8
__vbaFpUI1
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaFreeVarg
__vbaGenerateBoundsError
__vbaGet3
__vbaGet4
__vbaGetFxStr3
__vbaGetFxStr4
__vbaGetOwner3
__vbaGetOwner4
__vbaGosub
__vbaGosubFree
__vbaGosubReturn
__vbaHresultCheck
__vbaHresultCheckNonvirt
__vbaHresultCheckObj
__vbaI2Abs
__vbaI2Cy
__vbaI2ErrVar
__vbaI2ForNextCheck
__vbaI2I4
__vbaI2Sgn
__vbaI2Str
__vbaI2Var
__vbaI4Abs
__vbaI4Cy
__vbaI4ErrVar
__vbaI4ForNextCheck
__vbaI4Sgn
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaInStrB
__vbaInStrVar
__vbaInStrVarB
__vbaInputFile
__vbaLateIdCall
__vbaLateIdCallLd
__vbaLateIdCallSt
__vbaLateIdNamedCall
__vbaLateIdNamedCallLd
__vbaLateIdNamedCallSt
__vbaLateIdNamedStAd
__vbaLateIdSt
__vbaLateIdStAd
__vbaLateMemCall
__vbaLateMemCallLd
__vbaLateMemCallSt
__vbaLateMemNamedCall
__vbaLateMemNamedCallLd
__vbaLateMemNamedCallSt
__vbaLateMemNamedStAd
__vbaLateMemSt
__vbaLateMemStAd
__vbaLbound
__vbaLenBstr
__vbaLenBstrB
__vbaLenVar
__vbaLenVarB
__vbaLineInputStr
__vbaLineInputVar
__vbaLsetFixstr
__vbaLsetFixstrFree
__vbaMidStmtBstr
__vbaMidStmtBstrB
__vbaMidStmtVar
__vbaMidStmtVarB
__vbaNameFile
__vbaNew
__vbaNew2
__vbaNextEachAry
__vbaNextEachCollAd
__vbaNextEachCollObj
__vbaNextEachCollVar
__vbaNextEachVar
__vbaObjAddref
__vbaObjIs
__vbaObjSet
__vbaObjSetAddref
__vbaObjVar
__vbaOnError
__vbaOnGoCheck
__vbaPowerR8
__vbaPrintFile
__vbaPrintObj
__vbaPut3
__vbaPut4
__vbaPutFxStr3
__vbaPutFxStr4
__vbaPutOwner3
__vbaPutOwner4
__vbaR4Cy
__vbaR4ErrVar
__vbaR4ForNextCheck
__vbaR4Sgn
__vbaR4Str
__vbaR4Var
__vbaR8Cy
__vbaR8ErrVar
__vbaR8FixI2
__vbaR8FixI4
__vbaR8ForNextCheck
__vbaR8IntI2
__vbaR8IntI4
__vbaR8Sgn
__vbaR8Str
__vbaR8Var
__vbaRaiseEvent
__vbaRecAnsiToUni
__vbaRecAssign
__vbaRecDestruct
__vbaRecDestructAnsi
__vbaRecUniToAnsi
__vbaRedim
__vbaRedimPreserve
__vbaRedimPreserveVar
__vbaRedimVar
__vbaRefVarAry
__vbaResume
__vbaRsetFixstr
__vbaRsetFixstrFree
__vbaSetSystemError
__vbaStopExe
__vbaStr2Vec
__vbaStrAryToAnsi
__vbaStrAryToUnicode
__vbaStrBool
__vbaStrCat
__vbaStrCmp
__vbaStrComp
__vbaStrCompVar
__vbaStrCopy
__vbaStrCy
__vbaStrDate
__vbaStrErrVarCopy
__vbaStrFixstr
__vbaStrI2
__vbaStrI4
__vbaStrLike
__vbaStrMove
__vbaStrR4
__vbaStrR8
__vbaStrTextCmp
__vbaStrTextLike
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrUI1
__vbaStrVarCopy
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1Cy
__vbaUI1ErrVar
__vbaUI1I2
__vbaUI1I4
__vbaUI1Sgn
__vbaUI1Str
__vbaUI1Var
__vbaUbound
__vbaUnkVar
__vbaVar2Vec
__vbaVarAbs
__vbaVarAdd
__vbaVarAnd
__vbaVarCat
__vbaVarCmpEq
__vbaVarCmpGe
__vbaVarCmpGt
__vbaVarCmpLe
__vbaVarCmpLt
__vbaVarCmpNe
__vbaVarCopy
__vbaVarDateVar
__vbaVarDiv
__vbaVarDup
__vbaVarEqv
__vbaVarErrI4
__vbaVarFix
__vbaVarForInit
__vbaVarForNext
__vbaVarIdiv
__vbaVarImp
__vbaVarIndexLoad
__vbaVarIndexLoadRef
__vbaVarIndexLoadRefLock
__vbaVarIndexStore
__vbaVarIndexStoreObj
__vbaVarInt
__vbaVarLike
__vbaVarLikeVar
__vbaVarMod
__vbaVarMove
__vbaVarMul
__vbaVarNeg
__vbaVarNot
__vbaVarOr
__vbaVarPow
__vbaVarSetObj
__vbaVarSetObjAddref
__vbaVarSetUnk
__vbaVarSetUnkAddref
__vbaVarSetVar
__vbaVarSetVarAddref
__vbaVarSub
__vbaVarTextCmpEq
__vbaVarTextCmpGe
__vbaVarTextCmpGt
__vbaVarTextCmpLe
__vbaVarTextCmpLt
__vbaVarTextCmpNe
__vbaVarTextLike
__vbaVarTextLikeVar
__vbaVarTextTstEq
__vbaVarTextTstGe
__vbaVarTextTstGt
__vbaVarTextTstLe
__vbaVarTextTstLt
__vbaVarTextTstNe
__vbaVarTstEq
__vbaVarTstGe
__vbaVarTstGt
__vbaVarTstLe
__vbaVarTstLt
__vbaVarTstNe
__vbaVarVargNofree
__vbaVarXor
__vbaVargObj
__vbaVargObjAddref
__vbaVargParmRef
__vbaVargUnk
__vbaVargUnkAddref
__vbaVargVar
__vbaVargVarCopy
__vbaVargVarMove
__vbaVargVarRef
__vbaVerifyVarObj
__vbaWriteFile
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtDecFromVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFixVar
rtcFreeFile
rtcGetAllSettings
rtcGetCurrentCalendar
rtcGetDateBstr
rtcGetDateValue
rtcGetDateVar
rtcGetDayOfMonth
rtcGetDayOfWeek
rtcGetErl
rtcGetFileAttr
rtcGetHostLCID
rtcGetHourOfDay
rtcGetMinuteOfHour
rtcGetMonthOfYear
rtcGetObject
rtcGetPresentDate
rtcGetSecondOfMinute
rtcGetSetting
rtcGetTimeBstr
rtcGetTimeValue
rtcGetTimeVar
rtcGetTimer
rtcGetYear
rtcHexBstrFromVar

Sections

.text
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
使用说明.txt
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 84B

.data Size: 512B - Virtual size: 4B

.idata Size: 512B - Virtual size: 144B

.rsrc Size: 76KB - Virtual size: 76KB

.reloc Size: 512B - Virtual size: 108B

87b324a67e18fb2e1d12308b06fa8d4f

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

comdlg32

gdi32

shell32

user32

ole32

Sections

.text Size: 75KB - Virtual size: 76KB

.data Size: 2KB - Virtual size: 28KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 16KB

0615e9c25da62e90a31fe72638c8f4fb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1008KB - Virtual size: 1007KB

ENGINE Size: 68KB - Virtual size: 67KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 164KB - Virtual size: 160KB

.reloc Size: 64KB - Virtual size: 63KB

.rdata
Size: 512B - Virtual size: 84B

.data
Size: 512B - Virtual size: 4B

.idata
Size: 512B - Virtual size: 144B

.rsrc
Size: 76KB - Virtual size: 76KB

.reloc
Size: 512B - Virtual size: 108B

.text
Size: 75KB - Virtual size: 76KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB

.text
Size: 1008KB - Virtual size: 1007KB

ENGINE
Size: 68KB - Virtual size: 67KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 164KB - Virtual size: 160KB

.reloc
Size: 64KB - Virtual size: 63KB