7041ff50cb8aae28c2e916685aed0b2de991f71202570af4cead90d9425d9f44

Sharing

Copy URL

Twitter E-mail

General

Target

7041ff50cb8aae28c2e916685aed0b2de991f71202570af4cead90d9425d9f44
Size

484KB
MD5

2f677d0edb1d5ab796c0ca09f237121d
SHA1

f32604ff3712b1f7f8ac388508b48c392fa5dee1
SHA256

7041ff50cb8aae28c2e916685aed0b2de991f71202570af4cead90d9425d9f44
SHA512

7b4a8fcacace54c7e9d365197fedd63f101eccc8fabb6b6223edbac447a47f509833facc030139db6e0d3350ade131bd787e5c81795993c8dbdd2d304114d2dd
SSDEEP

12288:VHZz0TPaPDmgdimn54tnzTWyEAq5xbKN1I:Ogdimn58TWyE755KN

Score

10^/10

Malware Config

Signatures

Detects Windows executables referencing non-Windows User-Agents 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_NoneWindowsUA

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7041ff50cb8aae28c2e916685aed0b2de991f71202570af4cead90d9425d9f44

Files

7041ff50cb8aae28c2e916685aed0b2de991f71202570af4cead90d9425d9f44
.exe windows:4 windows x86 arch:x86

495db72fbb8878eb6ed8dba6d329b92d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
ord696
__vbaVarIdiv
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord698
__vbaNextEachVar
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
__vbaVarIndexLoadRef
_adj_fprem1
ord518
__vbaI2Abs
__vbaStrCat
__vbaVarCmpNe
ord660
__vbaSetSystemError
ord661
__vbaHresultCheckObj
ord662
ord557
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaLateMemSt
__vbaVarIndexLoadRefLock
__vbaExitProc
ord593
__vbaVarForInit
__vbaForEachCollObj
ord594
__vbaObjSet
ord595
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
ord520
__vbaFPFix
__vbaVargVar
__vbaFpR8
__vbaBoolVarNull
__vbaRefVarAry
__vbaVarTstLt
_CIsin
ord709
ord631
__vbaErase
ord525
__vbaVarZero
__vbaVarCmpGt
ord632
__vbaNextEachCollObj
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaGet3
__vbaStrCmp
ord529
__vbaVarTstEq
ord561
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarLateMemSt
__vbaVarOr
__vbaCastObjVar
__vbaLbound
__vbaStrR4
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
EVENT_SINK_Release
__vbaNew
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
ord710
__vbaVarMul
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord712
__vbaPrintFile
ord606
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord607
__vbaI2Str
ord608
ord716
__vbaFPException
ord717
__vbaInStrVar
__vbaGetOwner3
__vbaStrVarVal
__vbaUbound
__vbaVarCat
ord535
__vbaI2Var
ord644
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
ord570
__vbaNew2
__vbaInStr
__vbaR8Str
__vbaVar2Vec
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
__vbaR8Var
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
ord610
__vbaAryLock
__vbaLateMemCall
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord612
ord613
__vbaFpI2
__vbaVarMod
ord616
__vbaVarCopy
__vbaVarLateMemCallLd
__vbaFpI4
ord617
__vbaVarSetObjAddref
__vbaR8IntI2
__vbaLateMemCallLd
_CIatan
ord618
__vbaStrMove
__vbaAryCopy
__vbaCastObj
ord619
__vbaStrVarCopy
__vbaForEachVar
__vbaR8IntI4
ord650
ord543
_allmul
__vbaLateIdSt
ord544
__vbaLateMemCallSt
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 448KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

495db72fbb8878eb6ed8dba6d329b92d

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 448KB - Virtual size: 445KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 448KB - Virtual size: 445KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 28KB - Virtual size: 27KB