02b71f5b9a699b02e77603b7bafb7e9c579be45785af2abb5c1c2b49b4f438bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02b71f5b9a699b02e77603b7bafb7e9c579be45785af2abb5c1c2b49b4f438bd
Size

3.1MB
MD5

26683a4a0147ebd0aded4f21977a9089
SHA1

83c5eb480e876273f060bcefab58cd36c855a42e
SHA256

02b71f5b9a699b02e77603b7bafb7e9c579be45785af2abb5c1c2b49b4f438bd
SHA512

3e7c1431da191fd22ece135fe38d6eb40d9fad6da5ee28ae10c505cc32f7f54dde7b5d7b9e4857b202d3df4afab4dae9bf3a3bfcd548187a632a99246f108927
SSDEEP

49152:kmazOAAbtjnb1apt6qM9Aso4Ujv1qSIvw2qUZRsGF0s75utRM9SU6gvnXGu:x1SfM9ANzgSxXfi0seuSNsnXGu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b71f5b9a699b02e77603b7bafb7e9c579be45785af2abb5c1c2b49b4f438bd

Files

02b71f5b9a699b02e77603b7bafb7e9c579be45785af2abb5c1c2b49b4f438bd
.exe windows:4 windows x86 arch:x86

006aa32705c27d3161b97b32dd7b3245

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

kernel32

GetModuleFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 2.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 944KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ