4a28c58ec83fa789546a2f63a2852ebdeb78b125d1b7eaa84c7d7716369df919

Sharing

Copy URL Twitter E-mail

General

Target

4a28c58ec83fa789546a2f63a2852ebdeb78b125d1b7eaa84c7d7716369df919
Size

128KB
MD5

59788d37fbae8bb21801ab9c906462fe
SHA1

ee257af2159c2738b28849dc29b11c7c0df2e97e
SHA256

4a28c58ec83fa789546a2f63a2852ebdeb78b125d1b7eaa84c7d7716369df919
SHA512

830a7adea5cdc8d29a5f85963044b55070d6ab40cfa9db1413b746c76cee86fba7f92ce3b9b52491db53a56808b7662ee056e7ac3e19839cc1a9f357a7aab62a
SSDEEP

3072:caMPtYpXhM6vM+WIElp4VQoDOwyjZuvrDvWuHHUo:caMPmpi6U+W/lnoDcarT3H0o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f4f4de3f194acb135d2419c8ec3bbca2a15cbeaecdfb54471dc21f34a0ed530f

Files

4a28c58ec83fa789546a2f63a2852ebdeb78b125d1b7eaa84c7d7716369df919
.zip

Password: infected
f4f4de3f194acb135d2419c8ec3bbca2a15cbeaecdfb54471dc21f34a0ed530f
.exe windows:4 windows x86 arch:x86

13070347b81441bc4a761abbdf23d70e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
__vbaVarSub
ord583
__vbaStrI2
ord584
_CIcos
_adj_fptan
ord585
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
ord187
__vbaAryMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
ord589
__vbaFreeVarList
__vbaPut3
__vbaEnd
_adj_fdiv_m64
__vbaPut4
__vbaRaiseEvent
__vbaFreeObjList
__vbaR8Sgn
ord516
__vbaStrErrVarCopy
_adj_fprem1
ord518
__vbaI2Abs
__vbaStrCat
ord552
ord553
ord660
__vbaLsetFixstr
ord661
__vbaSetSystemError
__vbaRecDestruct
ord662
__vbaHresultCheckObj
__vbaLenBstrB
ord555
ord663
ord665
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaLateMemSt
ord669
__vbaVarIndexLoadRefLock
__vbaExitProc
__vbaVarForInit
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
__vbaFpR4
__vbaBoolVar
__vbaStrFixstr
ord520
ord706
ord707
__vbaVarTstLt
__vbaBoolVarNull
__vbaFpR8
_CIsin
__vbaErase
ord709
__vbaVarZero
ord632
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaGet3
__vbaStrCmp
__vbaVarTstEq
__vbaAryConstruct2
__vbaPutOwner3
__vbaDateR8
__vbaPrintObj
__vbaI2I4
DllFunctionCall
__vbaVarOr
__vbaCastObjVar
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaFpCmpCy
__vbaVarMul
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord712
__vbaDateStr
ord606
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
ord607
ord608
__vbaFPException
ord717
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
__vbaGetOwner4
__vbaVarCat
__vbaDateVar
ord535
__vbaI2Var
ord644
ord538
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
__vbaInStr
__vbaVar2Vec
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
ord681
__vbaFreeStrList
__vbaDerefAry1
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord578
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
ord610
__vbaAryLock
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord614
__vbaFpI2
__vbaFpI4
__vbaVarCopy
ord617
_CIatan
__vbaCastObj
__vbaStrMove
__vbaAryCopy
ord619
__vbaStrVarCopy
ord542
_allmul
ord545
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaUI1Var
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
__vbaI4ErrVar
ord581

Sections

.text
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

13070347b81441bc4a761abbdf23d70e

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 344KB - Virtual size: 340KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 344KB - Virtual size: 340KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 17KB