be3c4feae550ca5db9d4b3ebde088040

General

Target

be3c4feae550ca5db9d4b3ebde088040
Size

128KB
MD5

be3c4feae550ca5db9d4b3ebde088040
SHA1

593a93296732850723e5eceb17ed996ab2251871
SHA256

f9982b0cbeff9d08a645a1f2c37755d1d23bd2a35ccc03e60b9498b8f2c3d7e6
SHA512

fb03c05cd993d1e8a1ff7f3d0e79028d8643402f00bb3376c4dc0117c2b8f6c6b2bf99c08c12e5cb8fb6171f8e4137bff38af410c2fa33b47f6f78bab9f592ac
SSDEEP

3072:iQG4nNe/o+VnqOVx8tlv7jFIp+sVOEK/9yB2EbhC:iz4NN+VqO6dIFVnK/ubA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/挂机锁小黑8.0/挂机锁小黑8.0.exe

Files

be3c4feae550ca5db9d4b3ebde088040
.rar
挂机锁小黑8.0/xiaohei1.jpg
.jpg
挂机锁小黑8.0/挂机锁小黑8.0.exe
.exe windows:4 windows x86 arch:x86

8c48429e8f1b9b46a9d6e8dcb5953bde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaLateIdCall
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaStrFixstr
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
__vbaVarLateMemSt
_adj_fpatan
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaFpI4
ord617
_CIatan
__vbaStrMove
_allmul
_CItan
ord546
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
挂机锁小黑8.0/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

8c48429e8f1b9b46a9d6e8dcb5953bde

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 224KB - Virtual size: 222KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 224KB - Virtual size: 222KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 28KB - Virtual size: 27KB