63e8e937e4fe60baee62407936205d47

Sharing

Copy URL Twitter E-mail

General

Target

63e8e937e4fe60baee62407936205d47
Size

16KB
MD5

63e8e937e4fe60baee62407936205d47
SHA1

68ed4f04cfdf17c557f70631c813b90c8f7ed4be
SHA256

4dbf36aede707013da86aa00b2a539f5cb0ffb8dc358d23a9fc842d772101fc9
SHA512

46bc30a5f58565dda7915198542e7e2f4154a70393dd9c30b463df3b3318a8032b639efcd68ad7205787a4633e74a1660869f665008f7e36749164e171b0f760
SSDEEP

384:NTgjYAPh3pdMZcDkX4X/GOF8GJ7ntQbOAqxMZI:iPNMqDTXxF8GxUqxMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MsgBoxEx.exe
unpack001/MsgBoxEx.uzy
unpack001/cc.uzy
unpack001/extractor.uzy

Files

63e8e937e4fe60baee62407936205d47
.rar
CList.dat
MSSCCPRJ.SCC
MsgBoxEx.exe
.exe windows:4 windows x86 arch:x86

c485506e747de12436e5111d0c29c1a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord595
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
ord525
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaStrToAnsi
ord616
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MsgBoxEx.uzy
.exe windows:5 windows x86 arch:x86

8c5291ffc0f0168c1d648869138ce661

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
strchr
malloc
_exit
__p___initenv
__getmainargs
_initterm
_XcptFilter
__setusermatherr
__p__commode
printf
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
__p__fmode

kernel32

SetConsoleCtrlHandler

rcdll

Handler
RC

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MsgBoxEx.vbp
MsgBoxEx.vbw
cc.uzy
.exe windows:5 windows x86 arch:x86

8c5291ffc0f0168c1d648869138ce661

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
strchr
malloc
_exit
__p___initenv
__getmainargs
_initterm
_XcptFilter
__setusermatherr
__p__commode
printf
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
__p__fmode

kernel32

SetConsoleCtrlHandler

rcdll

Handler
RC

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
extractor.uzy
.exe windows:5 windows x86 arch:x86

8c5291ffc0f0168c1d648869138ce661

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
strchr
malloc
_exit
__p___initenv
__getmainargs
_initterm
_XcptFilter
__setusermatherr
__p__commode
printf
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
__p__fmode

kernel32

SetConsoleCtrlHandler

rcdll

Handler
RC

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
fMain.frm
fMain.frx
mMsgBoxEx.bas
.vbs
swvb.ico
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

c485506e747de12436e5111d0c29c1a2

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 5KB

8c5291ffc0f0168c1d648869138ce661

Headers

File Characteristics

Imports

msvcrt

kernel32

rcdll

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 60B

.rsrc Size: 1024B - Virtual size: 944B

8c5291ffc0f0168c1d648869138ce661

Headers

File Characteristics

Imports

msvcrt

kernel32

rcdll

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 60B

.rsrc Size: 1024B - Virtual size: 944B

8c5291ffc0f0168c1d648869138ce661

Headers

File Characteristics

Imports

msvcrt

kernel32

rcdll

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 60B

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 60B

.rsrc
Size: 1024B - Virtual size: 944B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 60B

.rsrc
Size: 1024B - Virtual size: 944B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 60B

.rsrc
Size: 1024B - Virtual size: 944B