0fd80b98db139a7e0d6218d343576fdc

General

Target

0fd80b98db139a7e0d6218d343576fdc
Size

60KB
MD5

0fd80b98db139a7e0d6218d343576fdc
SHA1

af99a439932795637200fe2765d24184d1ea5e5d
SHA256

ed4c400f84868c07bb9a3a5da64c972a01c5f5406161b099b9a6bba9a47c0ef4
SHA512

686a42273952d51348c406134a274fddd724c9201cbd192bb3473219ee85383db3947cafee3d7ddef8fe5291fc64f6c50bf14a0b766a29a1d8ecc58be2ea535c
SSDEEP

1536:bGpMTa9r6Ozbq/UtR7sZeZ1XTIH3kC+YA9qkjWbP64:Cpy/Yq/yaAbIGYA4D64

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Gusanito_comespmipostalrecoger6C8A374345B26C939962505B50572A.exe

Files

0fd80b98db139a7e0d6218d343576fdc
.zip
Gusanito_comespmipostalrecoger6C8A374345B26C939962505B50572A.exe
.exe windows:4 windows x86 arch:x86

14af87b28ce5dcd14a59ecc9e246a433

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60.dll

_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
ord516
_adj_fprem1
ord518
__vbaCopyBytes
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaVarIndexLoad
_CIsin
__vbaErase
ord631
ord632
ord525
__vbaVarZero
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
rtcVarType
__vbaGet3
__vbaVarTstEq
__vbaAryConstruct2
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
__vbaUI1ErrVar
EVENT_SINK_Release
__vbaNew
ord601
_CIsqrt
EVENT_SINK_QueryInterface
__vbaStr2Vec
__vbaExceptHandler
ord711
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
ord717
__vbaStrVarVal
__vbaUbound
__vbaVarCat
ord537
ord644
_CIlog
__vbaFileOpen
__vbaInStr
__vbaNew2
__vbaR8Str
__vbaVar2Vec
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord578
ord100
__vbaI4Var
__vbaVarAdd
__vbaAryLock
__vbaVarDup
ord616
ord617
_CIatan
__vbaAryCopy
__vbaStrMove
ord619
_allmul
_CItan
__vbaUI1Var
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaI4ErrVar
__vbaFreeStr

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14af87b28ce5dcd14a59ecc9e246a433

Headers

File Characteristics

Imports

msvbvm60.dll

Sections

.text Size: 44KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 44KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 44KB - Virtual size: 40KB