492d996e6f2d158f8551fa53945e7f29

Sharing

Copy URL Twitter E-mail

General

Target

492d996e6f2d158f8551fa53945e7f29
Size

119KB
MD5

492d996e6f2d158f8551fa53945e7f29
SHA1

5de0d0bf124fe4d95a05543e44ed4b0ba85f358b
SHA256

f2f607cf9a1dcf5e1c3a749bbc40e4c7c03d3b20d16da5954135143e0261219c
SHA512

cb041e7d300651d49c5f69a2c22033c3a3156a67e293e77facea4d96adb89a7bab90c0452232325a1994083035a9c16e2ee55cff74967faa7c169df1fd50bc40
SSDEEP

1536:0DDgdUHtkIIF658Lg59ewOG1Cm7Kctql8xrXwih7JtNotEDaz4mYI5G56+sRtrxl:5eHFIF9Lg5xnntqAhmWD1mYo4K66Ht7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Vista1.6/模拟Vista窗体.exe

Files

492d996e6f2d158f8551fa53945e7f29
.rar
Vista1.6/SKIN/SKIN0/FRAME.png
.png
Vista1.6/SKIN/SKIN0/chgskin.png
.png
Vista1.6/SKIN/SKIN0/close.png
.png
Vista1.6/SKIN/SKIN0/minimize.png
.png
Vista1.6/SKIN/SKIN0/sizemax.png
.png
Vista1.6/SKIN/SKIN0/sizenormal.png
.png
Vista1.6/SKIN/SKIN0/skin.ini
Vista1.6/SKIN/SKIN1/FRAME.png
.png
Vista1.6/SKIN/SKIN1/chgskin.png
.png
Vista1.6/SKIN/SKIN1/close.png
.png
Vista1.6/SKIN/SKIN1/minimize.png
.png
Vista1.6/SKIN/SKIN1/sizemax.png
.png
Vista1.6/SKIN/SKIN1/sizenormal.png
.png
Vista1.6/SKIN/SKIN1/skin.ini
Vista1.6/SKIN/SKIN2/FRAME.png
.png
Vista1.6/SKIN/SKIN2/chgskin.png
.png
Vista1.6/SKIN/SKIN2/close.png
.png
Vista1.6/SKIN/SKIN2/minimize.png
.png
Vista1.6/SKIN/SKIN2/sizemax.png
.png
Vista1.6/SKIN/SKIN2/sizenormal.png
.png
Vista1.6/SKIN/SKIN2/skin.ini
Vista1.6/SKIN/SKIN3/FRAME.png
.png
Vista1.6/SKIN/SKIN3/chgskin.png
.png
Vista1.6/SKIN/SKIN3/close.png
.png
Vista1.6/SKIN/SKIN3/minimize.png
.png
Vista1.6/SKIN/SKIN3/sizemax.png
.png
Vista1.6/SKIN/SKIN3/sizenormal.png
.png
Vista1.6/SKIN/SKIN3/skin.ini
Vista1.6/SKIN/SKIN4/FRAME.png
.png
Vista1.6/SKIN/SKIN4/chgskin.png
.png
Vista1.6/SKIN/SKIN4/close.png
.png
Vista1.6/SKIN/SKIN4/minimize.png
.png
Vista1.6/SKIN/SKIN4/sizemax.png
.png
Vista1.6/SKIN/SKIN4/sizenormal.png
.png
Vista1.6/SKIN/SKIN4/skin.ini
Vista1.6/SKIN/新建文本文档.txt
Vista1.6/readme.txt
Vista1.6/安装说明.url
.url
Vista1.6/模拟Vista窗体.exe
.exe windows:4 windows x86 arch:x86

7537c9ea8ddaf09ada135f43e996245a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaAryMove
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaExitProc
__vbaFileCloseAll
__vbaI4Abs
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
ord597
__vbaObjSetAddref
_adj_fdivr_m16i
ord520
__vbaBoolVarNull
__vbaFpR8
_CIsin
ord631
__vbaErase
__vbaVarCmpGt
ord525
ord632
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarOr
ord670
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
ord600
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaExceptHandler
ord711
ord712
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
ord608
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
__vbaGetOwner3
__vbaVarCat
__vbaI2Var
ord644
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord578
ord100
ord579
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaAryLock
__vbaStrToAnsi
__vbaVarDup
ord616
__vbaFpI4
__vbaLateMemCallLd
_CIatan
__vbaUI1Str
__vbaStrMove
__vbaCastObj
__vbaAryCopy
ord619
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7537c9ea8ddaf09ada135f43e996245a

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 100KB - Virtual size: 99KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 100KB - Virtual size: 99KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 16KB - Virtual size: 12KB