9aa39e51986c8304ae6fefc14f552832

General

Target

9aa39e51986c8304ae6fefc14f552832
Size

108KB
MD5

9aa39e51986c8304ae6fefc14f552832
SHA1

38c543f60aa3f3c54c1d9e918b51a237b503b82e
SHA256

33fb66a5d7bbe305a568c6e1566ec1bc515f3d1d6d029bd8b17fdd5a846e0072
SHA512

361ff175a95fc07cd9ada4cd3b2a3f9ce1622716cccfd4bda24c0b912313a82b121d7dbc07a28b4e7d8f23fb1d3e6aea5e5ba4218b60b9de77d3ac39be3749c0
SSDEEP

3072:+rmXaB3gQXl0mtCb/4kSFgOpX4ITe7rQ8qng4a:smX0PXlVwb4FFGI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AVIRA-~1.EXE
unpack001/server.exe

Files

9aa39e51986c8304ae6fefc14f552832
.cab
AVIRA-~1.EXE
.exe windows:4 windows x86 arch:x86

dc39c7b402e38cbcf4034f81308e6be7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaStrToAnsi
__vbaVarDup
_CIatan
_allmul
_CItan
_CIexp

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
server.exe
.exe windows:4 windows x86 arch:x86

8afbf9211984274dc7a21b630ecae242

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetTickCount
HeapAlloc
ExitProcess
GetStartupInfoA
GetCommandLineA
GetProcessHeap

user32

MessageBoxA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc39c7b402e38cbcf4034f81308e6be7

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 312KB - Virtual size: 312KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 32KB

8afbf9211984274dc7a21b630ecae242

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 312KB - Virtual size: 312KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 32KB

.text
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 27KB - Virtual size: 26KB