8fcc48c97a23ca4644e23991ceea12f0779ee64e5fb701b134be46baae779bef[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8fcc48c97a23ca4644e23991ceea12f0779ee64e5fb701b134be46baae779bef.exe
Size

4.1MB
MD5

2655f1b554c92da9e892a078cfe2beb0
SHA1

d2c2ca0a7bd48888663d536dc57d6ed42a678c74
SHA256

8fcc48c97a23ca4644e23991ceea12f0779ee64e5fb701b134be46baae779bef
SHA512

21186b0b8b383ac354ee5d7a173543e45ffbaa03572be48b9a578fe75f795fb1e453285f4ba824fda30f8447b18a0b6cd95524e4c1eccbe62772ead8bf05a601
SSDEEP

98304:KpeCQta/wbXQQyPxr8qGLUiT8LG/D1ogirHE0tib/pso00BA3RtZXTvzwiSkRZh9:KpXQta/wbXQQyPxr8qGLUiT8LG/LirHi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fcc48c97a23ca4644e23991ceea12f0779ee64e5fb701b134be46baae779bef.exe

Files

8fcc48c97a23ca4644e23991ceea12f0779ee64e5fb701b134be46baae779bef.exe
.exe windows:4 windows x86 arch:x86

0633bf23d510f150a2ec5ffd5540a89f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluPerspective

kernel32

RtlZeroMemory

gdi32

SetPixelFormat
ChoosePixelFormat
SwapBuffers

opengl32

wglMakeCurrent
glGenLists
glDisable
glLoadIdentity
glReadPixels
glDeleteLists
glShadeModel
glNormal3f
glMaterialf
glVertex3f
glTranslatef
glLightfv
wglCreateContext
glNewList
glLightModelfv
glEndList
glEnd
glPixelStorei
glClearColor
glColor3f
glOrtho
glEnable
glLineWidth
glRotatef
wglDeleteContext
glViewport
glBegin
glBlendFunc
glClear
glGetIntegerv
glPointSize
glMatrixMode
glColor4f
glCallList

msvbvm60

__vbaVarSub
__vbaVarTstGt
ord582
__vbaStrI2
ord583
__vbaR8ForNextCheck
ord584
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
ord585
__vbaHresultCheck
ord586
__vbaVarVargNofree
ord587
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaLateIdCall
__vbaGosubReturn
__vbaPut3
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord518
__vbaRecAnsiToUni
__vbaResume
__vbaVarCmpNe
__vbaStrCat
ord553
ord660
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
__vbaVargVarCopy
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaAryDestruct
__vbaVarCmpGe
__vbaLateMemSt
ord669
__vbaVarForInit
__vbaExitProc
__vbaVarPow
ord300
ord301
__vbaObjSet
ord595
__vbaOnError
ord302
ord596
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
ord598
__vbaVarIndexLoad
__vbaFpR4
ord306
ord520
__vbaBoolVar
__vbaStrFixstr
ord307
ord308
ord309
__vbaRefVarAry
__vbaBoolVarNull
__vbaVarTstLt
__vbaFpR8
__vbaVargVar
_CIsin
__vbaErase
__vbaVarCmpGt
ord632
ord525
__vbaVargVarMove
__vbaChkstk
__vbaFileClose
ord526
__vbaGosubFree
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaVarAbs
ord528
ord529
__vbaStrCmp
__vbaPutOwner3
__vbaVarTstEq
__vbaAryConstruct2
__vbaR4Str
__vbaI2I4
__vbaObjVar
__vbaPrintObj
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
ord564
__vbaCastObjVar
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
__vbaUI1I2
_CIsqrt
ord310
__vbaVarAnd
__vbaLateIdCallSt
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord312
ord711
ord712
ord605
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaGosub
__vbaVarDiv
ord714
ord608
__vbaVarCmpLe
ord716
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
__vbaVarLateMemCallLdRf
__vbaNew2
__vbaInStr
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaVarSetObj
__vbaStrCopy
ord681
__vbaVarCmpLt
__vbaFreeStrList
__vbaVarNot
_adj_fdivr_m32
__vbaPowerR8
__vbaR8Var
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
ord610
__vbaAryLock
__vbaVarAdd
__vbaLateMemCall
ord612
__vbaVarDup
__vbaStrToAnsi
ord613
__vbaFpI2
ord614
__vbaFpI4
__vbaUnkVar
__vbaVarCopy
__vbaVarLateMemCallLd
__vbaVarTstGe
ord616
__vbaVarSetObjAddref
__vbaLateMemCallLd
ord617
_CIatan
__vbaAryCopy
__vbaStrMove
__vbaStrVarCopy
ord619
ord542
__vbaVarNeg
_allmul
__vbaVarLateMemCallSt
__vbaLateIdSt
ord545
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0633bf23d510f150a2ec5ffd5540a89f

Headers

File Characteristics

Imports

glu32

kernel32

gdi32

opengl32

msvbvm60

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 4KB - Virtual size: 102KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 4KB - Virtual size: 102KB

.rsrc
Size: 28KB - Virtual size: 27KB