bdbc420b50c8de6de38cf0455ed18851

General

Target

bdbc420b50c8de6de38cf0455ed18851
Size

33KB
MD5

bdbc420b50c8de6de38cf0455ed18851
SHA1

4ce321fc0a6c432020a1cb413011ecd35f02d5df
SHA256

6ba72e7aac036117c63d7d7b1ef6980c73cbe32dc6ba92de99713b1005322b84
SHA512

260fa62eb7b9f0a8731af7f1b6abb8b506ff84aba72ed53d1172f311d842bc9b9c280e0847bec6e83df58f7ef08ae65707fee26db6ac93df3835e32e740254a3
SSDEEP

768:qlZW/7DEkkUJ5WfNKLncWVpPfrfyT5eWRq/xba6YQH3yi1CFD5xT:0UjDTkfCcWVpPDG4Wc/xlYQHBCp5xT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MEDO - Alcione Ao vivo em goiania.exe

Files

bdbc420b50c8de6de38cf0455ed18851
.rar
MEDO - Alcione Ao vivo em goiania.exe
.exe windows:4 windows x86 arch:x86

2441359a72a1d32f4f8d7bb2e0031571

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
__vbaPut3
_adj_fdiv_m64
__vbaPut4
__vbaLineInputVar
__vbaFreeObjList
ord516
_adj_fprem1
__vbaResume
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
ord666
__vbaAryDestruct
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
ord520
_CIsin
ord631
ord632
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord529
__vbaStrCmp
__vbaGet4
__vbaVarTstEq
__vbaI2I4
__vbaObjVar
DllFunctionCall
_adj_fpatan
__vbaFixstrConstruct
__vbaRedim
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaExceptHandler
ord712
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord531
ord716
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
ord648
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord578
ord685
ord100
ord579
__vbaVarSetVar
__vbaVarCmpEq
__vbaVarAdd
__vbaLateMemCall
__vbaVarDup
__vbaStrToAnsi
ord616
__vbaVarSetObjAddref
ord617
_CIatan
__vbaCastObj
__vbaUI1Str
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord580

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2441359a72a1d32f4f8d7bb2e0031571

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 64KB - Virtual size: 62KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 64KB - Virtual size: 62KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 28KB - Virtual size: 27KB