Static task
static1
Behavioral task
behavioral1
Sample
7e104e94c2a2f1f9ee10ba5c7e70d6ec.exe
Resource
win7-20240708-en
General
-
Target
7e104e94c2a2f1f9ee10ba5c7e70d6ec.bin
-
Size
665KB
-
MD5
7e104e94c2a2f1f9ee10ba5c7e70d6ec
-
SHA1
02b8a65430ae611baa46ca48c4b4e1ebcc9101aa
-
SHA256
ebf4048af02f662e08746174979921767cfe327a76664493f90b34c304aa9bbe
-
SHA512
44d80b4e8429448aebab720ef8ff61086a70d06647a1f024f2397f5f1ae1258368dcce8da5f315d27eb5e14efc9349f016ea6b1e4f15302ccd069fa98705c490
-
SSDEEP
6144:8KDEo6in3CfUzXZjCjf79GnMTvQD5Y3cFDCStRz0MCfUztDzI7ybK7Ju:mo6qhCVYq3mtRz0LUztz/K7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
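Checks for a missing Authenticode signature: the PE file is unsigned, so its publisher and integrity cannot be verified from a signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.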
resource 7e104e94c2a2f1f9ee10ba5c7e70d6ec.bin
Files
-
7e104e94c2a2f1f9ee10ba5c7e70d6ec.bin.exe windows:4 windows x86 arch:x86
d86ff6924fbf07cb1d4b2391656ee85e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
rtcAnsiValueBstr
rtcMsgBox
rtcDoEvents
rtcMidCharVar
rtcSpaceVar
EVENT_SINK_AddRef
rtcKillFiles
DllFunctionCall
EVENT_SINK_Release
rtcShell
EVENT_SINK_QueryInterface
__vbaExceptHandler
rtcVarBstrFromAnsi
ProcCallEngine
rtcDir
ThunRTMain
rtcLeftCharVar
msvcrt
___lc_handle_func
Sections
.text Size: 485KB - Virtual size: 496KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 177KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HaoTian Size: 512B - Virtual size: 520B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE