General

  • Target

    ModbusPollSetup64Bit.exe

  • Size

    2.0MB

  • MD5

    c9dfd7e7a933ec283dc8ab0fd0c1aec5

  • SHA1

    38b79e561c45793509be9d2178684aab8d73badc

  • SHA256

    5bf9ae03388afe80a6491d6bf20656775342302131739e777795431eb095549f

  • SHA512

    f841bf0ffa3e47526dbfe38c4d47b572115bf69f24ce189a108beb0d630832cb937ac56a3861bd67f1195ef0747f1c43ac7b51b7ff7d2f17eb7501e652158378

  • SSDEEP

    49152:cFMp7ti7oI1vZk6OAyMJIzTfevQWF/Rwx1eV6UuWpEIra:cFOi7oIJFUMJIzTq/RwevNa

Score
8/10

Signatures

  • Suspicious Office macro (1 IoC)

    Office document equipped with macros.

  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • ModbusPollSetup64Bit.exe
    .exe windows:4 windows x86 arch:x86

    56a78d55f3f7af51443e58e0ce2fb5f6


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    4b45b7e00344a87332fbd12653854d1a


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    6b5c4f7d679059f68f1269aad3a5cecd


  • ReadMe.txt
  • content.css
  • examples/excel/example.xlsm
    .xlsm office2007

    Sheet1

    Sheet2

    Sheet3

    ThisWorkbook

  • images/mbpoll-address-in-cell.png
    .png
  • images/mbpoll-address-scan.png
    .png
  • images/mbpoll-cell-colors.png
    .png
  • images/mbpoll-chart-link.png
    .png
  • images/mbpoll-chart.png
    .png
  • images/mbpoll-color-selection.png
    .png
  • images/mbpoll-communication-traffic.png
    .png
  • images/mbpoll-connection-setup.png
    .png
  • images/mbpoll-definition-button.png
    .png
  • images/mbpoll-definition.png
    .png
  • images/mbpoll-disabled.png
    .png
  • images/mbpoll-error-line.png
    .png
  • images/mbpoll-excel-developer-tab.png
    .png
  • images/mbpoll-excel-log-example.png
    .png
  • images/mbpoll-excel-log.png
    .png
  • images/mbpoll-font-selection.png
    .png
  • images/mbpoll-new-window.png
    .png
  • images/mbpoll-once-button.png
    .png
  • images/mbpoll-plc-address.png
    .png
  • images/mbpoll-save-copy-series.png
    .png
  • images/mbpoll-scaling.png
    .png
  • images/mbpoll-series-settings.png
    .png
  • images/mbpoll-text-log.png
    .png
  • images/mbpoll-write-single-register.png
    .png
  • images/mbpoll.png
    .png
  • images/readwritemenu.png
    .png
  • layout.css
  • license.txt
  • mbpoll-user-manual.html
    .html
  • mbpoll.chm
    .chm
  • mbpoll.exe
    .exe windows:6 windows x64 arch:x64

    13ebf8d7c36c43f4d51202d2e429793b


  • mbpoll.tlb
  • quick.html
    .html