aa3ebed8bc9f49c0315dcfa322232b73

Sharing

Copy URL Twitter E-mail

General

Target

aa3ebed8bc9f49c0315dcfa322232b73
Size

11KB
MD5

aa3ebed8bc9f49c0315dcfa322232b73
SHA1

396ac46854b2faec5c04dfac856de493c78e4909
SHA256

d272ec3c0fe59b3f51b7219fb8a876938dd54975d5869ae44bed30c3ac90f0d5
SHA512

65bb5b1f25a82ac0b50d89f6b32cf012e12d944826ee43c782280bc05b4d58f7859f197e3c6549bdec203073fa56d46dc70b96e4b48c3ae99a6d309a4fc0b530
SSDEEP

192:JowHaajBUuIRrhva10Eg64zUx0gicGaLu4dd3ovrHRO6oEr6NSzqCNigxwTMeT4B:uDajquivaW1Ux0UtLuudYvrHo6oEr6op

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/15120097/proxy.exe

Files

aa3ebed8bc9f49c0315dcfa322232b73
.rar
15120097/Form1.frm
.vbs
15120097/MSSCCPRJ.SCC
15120097/proxy.exe
.exe windows:4 windows x86 arch:x86

e0d0ad026dca2f18d2ce2c41b84e753e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
__vbaForEachCollVar
ord520
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
ord528
__vbaStrCmp
__vbaObjVar
__vbaNextEachCollVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaInStrVar
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
__vbaLateMemCall
__vbaVarAdd
__vbaVarLateMemCallLd
ord617
_CIatan
__vbaStrMove
ord619
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
15120097/下载说明.htm
.html .js polyglot
15120097/工程1.vbp
15120097/工程1.vbw

Sharing

General

Malware Config

Signatures

Files

e0d0ad026dca2f18d2ce2c41b84e753e

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB