9bc3aba7cfc08d2187ca653ed8fa2c03

Sharing

Copy URL Twitter E-mail

General

Target

9bc3aba7cfc08d2187ca653ed8fa2c03
Size

11KB
MD5

9bc3aba7cfc08d2187ca653ed8fa2c03
SHA1

e36a34f97df3981c26bc9349d976d6835dba4691
SHA256

20a9de5460f338c8068688f5fdaa5a8e703c3ddd978e33aa0295149fb5f2a31d
SHA512

61eb8d5002b1cf70edbc0d7abf30b4549a6bf89ab6b56d943460bf0f89095a6dfe9b2d79d737274c3dd9b95445c98214828d398061284c79d9180fc510e337ee
SSDEEP

192:JgYt1PPrOshx8GodEZIuhCs9DQkcT+LX58V5qtl2y1OCsx2V5ERSJd:Wq1nrZxHodElgOQ/T+LJrlL1OVrSD

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Menu.exe
unpack001/程序太平洋dapha.net.EXE

Files

9bc3aba7cfc08d2187ca653ed8fa2c03
.rar
MSSCCPRJ.SCC
Menu.exe
.exe windows:4 windows x86 arch:x86

cce5f5d2a43c99743879fd932e869975

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Menu.vbp
Menu.vbw
frmMenu.frm
.vbs
frmMenu.frx
frmMenu.log
下载说明.htm
.html .js polyglot
程序太平洋dapha.net.EXE
.exe windows:4 windows x86 arch:x86

d2649867cedca90066a116140657c3c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarDup
_CIatan
_allmul
_CItan
_CIexp

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce5f5d2a43c99743879fd932e869975

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

d2649867cedca90066a116140657c3c4

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 4KB