f4c8482b3a6f0580e28837e783ac724cb04766c8441a1162e944ca70cd8fa9b0[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

f4c8482b3a6f0580e28837e783ac724cb04766c8441a1162e944ca70cd8fa9b0.7z
Size

236KB
MD5

50059606a7217684e5b40b8332e52f6b
SHA1

5d66e5b6b945998939c200ee98177dfd11c1f882
SHA256

9152349f79b127dd66d276a1dc445d069494636b91fedfe5b6ef1d65ef703a46
SHA512

05b27c2a2e7835fb0893c34ed80db1861eba2683d29a30b21a27d6cb524a8448c5da1a6e996ecb61818e69914a54835141fadc24ed277db3098600d869e00f69
SSDEEP

6144:MUMQPrdvjiroYaNGEIAc4JUtL0T5qMsCsSKCsx:MUMQPrtWkYwjIAwL0qpC/O

Score

1^/10

Malware Config

Signatures

Files

f4c8482b3a6f0580e28837e783ac724cb04766c8441a1162e944ca70cd8fa9b0.7z
.7z

Password: malware
cc.exe
.exe windows:4 windows x86 arch:x86

d4c109bf6a28749f2804db492a937109

Code Sign

01
Certificate

Issuer

CN=Enclose Gear 18',O=Gear Trophy Corp 18',C=CN

Not Before

26/11/2018, 09:46

Not After

25/11/2022, 09:46

Subject

CN=Enclose Gear 18',O=Gear Trophy Corp 18',C=CN

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4a:3a:d3:0d:f3:da:19:cb:22:91:b0:36:2c:09:10:25:45:3e:94:d8:95:26:81:5b:54:82:fb:dc:09:6b:20:1d
Signer

Actual PE Digest

4a:3a:d3:0d:f3:da:19:cb:22:91:b0:36:2c:09:10:25:45:3e:94:d8:95:26:81:5b:54:82:fb:dc:09:6b:20:1d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaCyMul
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
ord698
_adj_fprem1
__vbaStrCat
ord660
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenBstrB
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
DllFunctionCall
ord671
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaInStrB
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
ord616
ord617
__vbaLateMemCallLd
_CIatan
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 552KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: malware

d4c109bf6a28749f2804db492a937109

Code Sign

01Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

4a:3a:d3:0d:f3:da:19:cb:22:91:b0:36:2c:09:10:25:45:3e:94:d8:95:26:81:5b:54:82:fb:dc:09:6b:20:1dSigner

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 552KB - Virtual size: 548KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 10KB

01
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

4a:3a:d3:0d:f3:da:19:cb:22:91:b0:36:2c:09:10:25:45:3e:94:d8:95:26:81:5b:54:82:fb:dc:09:6b:20:1d
Signer

.text
Size: 552KB - Virtual size: 548KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 10KB