c45103aabf3cdceb7f40d21da8ca7750

Sharing

Copy URL Twitter E-mail

General

Target

c45103aabf3cdceb7f40d21da8ca7750
Size

48KB
MD5

c45103aabf3cdceb7f40d21da8ca7750
SHA1

2a721c7c5a719c091dff5533681a6d44a69db45c
SHA256

02a114b7201d78027e1d31f7ca6149634ce93cd65676db829ab293e05949b99a
SHA512

48c2972a156ca9331cd0ef2bb601ffecee1cf3ca7f9ea11f4067486f1312e9ea3375e4405bbad328d04c43dae14301db4e2b278403387597628a0f5bdedd0986
SSDEEP

1536:bpjYQ1EeNaAT3iHVUoIfVsMZG7VBC8KQSpf0E4HQIYIJ5a:bUehTYiMMQ7VBKQfP5a

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/34123109/New Folder/Min to Tray.exe
unpack001/34123109/backup/Min to Tray.exe

Files

c45103aabf3cdceb7f40d21da8ca7750
.rar
34123109/ABugFix.txt
34123109/GWL.bas
.vbs
34123109/ICON.bas
.vbs
34123109/Min to Tray.vbp
34123109/Min to Tray.vbw
34123109/Misc.bas
.vbs
34123109/New Folder/ICON.bas
.vbs
34123109/New Folder/Min to Tray.exe
.exe windows:4 windows x86 arch:x86

a8bcfa55bd3d16ca296a600a3a2d9a83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
ord588
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaLateMemSt
__vbaVarForInit
ord300
ord301
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaFpR4
ord306
ord307
__vbaFpR8
__vbaBoolVarNull
_CIsin
__vbaVargVarMove
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaVarTstEq
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
ord536
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
ord611
__vbaLateMemCall
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
ord616
__vbaFpI4
__vbaRecDestructAnsi
__vbaLateMemCallLd
_CIatan
ord618
__vbaCastObj
__vbaStrMove
ord650
_allmul
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
34123109/New Folder/Min to Tray.vbp
34123109/New Folder/Min to Tray.vbw
34123109/New Folder/Tray.bas
.vbs
34123109/New Folder/frmMain.frm
.vbs
34123109/New Folder/frmMain.frx
34123109/New Folder/frmSplash.frm
34123109/New Folder/frmSplash.frx
34123109/New Folder/frmTray.frm
.vbs
34123109/New Folder/frmxTray.frm
34123109/Relatives.bas
.vbs
34123109/Tray.bas
.vbs
34123109/backup/ICON.bas
.vbs
34123109/backup/Min to Tray.exe
.exe windows:4 windows x86 arch:x86

fe204bb86b27560bddc706e0c8b799f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
ord588
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaBoolVarNull
_CIsin
__vbaVargVarMove
__vbaChkstk
EVENT_SINK_AddRef
__vbaVarTstEq
__vbaObjVar
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord536
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
__vbaLateMemCall
__vbaFpI4
_CIatan
__vbaCastObj
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
34123109/backup/Min to Tray.vbp
34123109/backup/Min to Tray.vbw
34123109/backup/Relatives.bas
.vbs
34123109/backup/Tray.bas
.vbs
34123109/backup/frmMain.frm
.vbs
34123109/backup/frmMain.frx
34123109/backup/frmOptions.frm
34123109/backup/frmSplash.frm
34123109/backup/frmSplash.frx
34123109/backup/frmTray.frm
.vbs
34123109/backup/frmxTray.frm
34123109/frmMain.frm
.vbs
34123109/frmMain.frx
34123109/frmOnTop.frm
.vbs
34123109/frmOnTop.frx
34123109/frmOptions.frm
34123109/frmOptions.frx
34123109/frmSplash.frm
34123109/frmSplash.frx
34123109/frmTray.frm
.vbs
34123109/frmxTray.frm
34123109/zDate.bas
.vbs
34123109/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

a8bcfa55bd3d16ca296a600a3a2d9a83

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 3KB

fe204bb86b27560bddc706e0c8b799f3

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 2KB