General

  • Target

    ModbusPollSetup64Bit.exe

  • Size

    2.0MB

  • MD5

    5b8dcba0df3ab616ef9cf403715d38d9

  • SHA1

    f31502f02650c41e68ec7de65eaab908f653cb48

  • SHA256

    8e2564f10ff6e1f185eeb5d681cc66d647a40e9d877ca579ca0787e6a6b952d1

  • SHA512

    53aa4076e9b865493858a799bd810057a85f454b59da8aadde05f0e345a750b971dda6eff95d11898a05e738c8c6e5d64309b2b6031f58e0bcf5554a8c19bc0f

  • SSDEEP

    49152:NeEqPMhYOw69akpHRfjm3s2AJDggFzyWj9aZxZx1eV6UuWpEIrC:NNRhY0L88/xgWzyfpevNC

Score
8/10

Malware Config

Signatures

  • Suspicious Office macro (1 IoC)

    Office document equipped with macros.

  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • ModbusPollSetup64Bit.exe
    .exe windows:4 windows x86 arch:x86

    f4639a0b3116c2cfc71144b88a929cfd


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    85f08eb0cbec010ecbc287fa68321173


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    509a34b3a68a773e0afb4259e68f9f82


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    3b477381217c97b22146297f93df2a92


  • ReadMe.txt
  • content.css
  • examples/excel/example.xlsm
    .xlsm office2007

    Sheet1

    Sheet2

    Sheet3

    ThisWorkbook

  • images/mbpoll-address-in-cell.png
    .png
  • images/mbpoll-address-scan.png
    .png
  • images/mbpoll-cell-colors.png
    .png
  • images/mbpoll-chart-link.png
    .png
  • images/mbpoll-chart.png
    .png
  • images/mbpoll-color-selection.png
    .png
  • images/mbpoll-communication-traffic.png
    .png
  • images/mbpoll-connection-setup.png
    .png
  • images/mbpoll-definition-button.png
    .png
  • images/mbpoll-definition.png
    .png
  • images/mbpoll-disabled.png
    .png
  • images/mbpoll-error-line.png
    .png
  • images/mbpoll-excel-developer-tab.png
    .png
  • images/mbpoll-excel-log-example.png
    .png
  • images/mbpoll-excel-log.png
    .png
  • images/mbpoll-font-selection.png
    .png
  • images/mbpoll-new-window.png
    .png
  • images/mbpoll-once-button.png
    .png
  • images/mbpoll-plc-address.png
    .png
  • images/mbpoll-save-copy-series.png
    .png
  • images/mbpoll-scaling.png
    .png
  • images/mbpoll-series-settings.png
    .png
  • images/mbpoll-text-log.png
    .png
  • images/mbpoll-write-single-register.png
    .png
  • images/mbpoll.png
    .png
  • images/readwritemenu.png
    .png
  • layout.css
  • license.txt
  • mbpoll-user-manual.html
    .html
  • mbpoll.chm
    .chm
  • mbpoll.exe
    .exe windows:6 windows x64 arch:x64

    7ae7759667202e6a4fef457ef4b516da


  • mbpoll.tlb
  • quick.html
    .html