4e9bf8bc3946a2a40e9db9586b2de9fe[.]bin | Triage

Sharing

General

Target

4e9bf8bc3946a2a40e9db9586b2de9fe.bin
Size

5KB
MD5

385e249c3766687d1edbe5acd63d6f95
SHA1

4a3124b0d13e5a5a3f548550d11d63fb70a42464
SHA256

575f1301c56baef6b1634d2147c803c4178fdf62e2dd5d14a22266719f94deaf
SHA512

1a96dfd7075657f0910d2036d4eec789a9f4da138d2f3b7605a17af5f6c7ac246e6e7311bac83b16bae0f6787ab7c0de61fed1d7b6ad0583ead6942935adf05b
SSDEEP

96:f+hXna8Rvgl6LpsnXIlWNy6kpZYzsxDlbsezZtKxXR3lKX7jlmvBsiLreL5K:iXRUYsYlW0JpZgmJbxt6XRYXwZ7L68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cdc95fc581fa222f95765ac539fa417e86e453cc5c18fce22e9cee11456ebcbb.exe

Files

4e9bf8bc3946a2a40e9db9586b2de9fe.bin
.zip

Password: infected
cdc95fc581fa222f95765ac539fa417e86e453cc5c18fce22e9cee11456ebcbb.exe
.exe windows:4 windows x86 arch:x86

Password: infected

19efc9e40325dd618a0e7bcf9d6da050

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaLineInputStr
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
ord660
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaVarCat
ord645
_CIlog
__vbaFileOpen
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
ord577
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarDup
_CIatan
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE