9d198fff8cdd9d7ebc94fc567bf81525[.]zip | Triage

Sharing

General

Target

9d198fff8cdd9d7ebc94fc567bf81525.zip
Size

69KB
MD5

fd76ab7a49dd6697e642198a58ae846c
SHA1

83d928941e61c947e10233e23a6621088b2f905b
SHA256

023f5a0088b82e0258f1326467225fc4f8b3de600ba657b28b0cb103a76df046
SHA512

3e37d73bd502f8aac367fe0fb9f61518397dffcd1d962109ca8306e3c63890a33e3f80d5057f31eb9752e3448fa44cd27600a22306b89d6ad743f6952a0aca69
SSDEEP

1536:3bQ2deVUgyYtOwHeipPqNg/VuDjWYrGDQuVrT1Twhq1fv6LLLxTnPIQ//MsxrI:3b1deygyYZkO/VgGDpVVWXLLLxR/EB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c2aea531bf26ee361b3b14e7a22f91a4ff85d4fd93eca4dca85f692c123a7d50

Files

9d198fff8cdd9d7ebc94fc567bf81525.zip
.zip

Password: infected
c2aea531bf26ee361b3b14e7a22f91a4ff85d4fd93eca4dca85f692c123a7d50
.exe windows:4 windows x86 arch:x86

Password: infected

b1056c90aef8f53531198a7b4faafb51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord187
MethCallEngine
ord516
ord517
ord518
ord519
ord660
ord669
ord595
ord598
ord520
ord709
ord631
ord632
ord526
EVENT_SINK_AddRef
ord527
ord528
ord561
DllFunctionCall
ord564
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ProcCallEngine
ord535
ord537
ord644
ord645
ord570
ord573
ord681
ord575
ord578
ord100
ord579
ord689
ord616
ord617
ord618
ord619
ord650
ord581

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uymjvvy
Size: - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE