9054e2c52d05bff27b8a81d123fa8bab19e5ee8201091ec2c4aa90d3c537f2a8N

General

Target

9054e2c52d05bff27b8a81d123fa8bab19e5ee8201091ec2c4aa90d3c537f2a8N
Size

5.1MB
MD5

8236a8d62e5e4f8b25cd57c0ad33d710
SHA1

c2e640b8bc3e33baadd45d1cb945860ee24c49c7
SHA256

9054e2c52d05bff27b8a81d123fa8bab19e5ee8201091ec2c4aa90d3c537f2a8
SHA512

8b2db31d4e24d37c21306c4ff20847413c8c51c2669bd3e08c266336722eea8c71ba144132ca8519fc2c731c0e89e2fcbadb2a63e069ccfa61f7e51757dc4e1b
SSDEEP

49152:bxItDAYstH0xMUH3TMmn/N/2GW/4joUJZu:b+DAYstqTHjMmtc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9054e2c52d05bff27b8a81d123fa8bab19e5ee8201091ec2c4aa90d3c537f2a8N

Files

9054e2c52d05bff27b8a81d123fa8bab19e5ee8201091ec2c4aa90d3c537f2a8N
.dll regsvr32 windows:4 windows x86 arch:x86

b07cb073c3cabd2e06b4d84211e2fb3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

ord582
ord583
ord690
ord691
ord584
ord692
ord585
ord586
ord587
ord588
ord697
MethCallEngine
ord516
ord517
ord518
ord626
ord519
ord552
ord553
ord660
ord661
ord662
ord556
ord663
ord557
ord558
ord591
ord592
ord593
ord300
ord594
ord301
ord595
ord303
ord702
ord703
ord598
ord305
ord306
ord705
ord520
ord307
ord309
ord523
ord709
ord524
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord527
ord528
ord529
ord560
ord561
ord562
DllFunctionCall
ord563
ord564
EVENT_SINK_Release
ord600
ord601
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord313
ord712
ord606
ord714
ord607
ord715
ord530
ord608
ord317
ord716
ord318
ProcCallEngine
ord644
ord537
ord645
ord648
ord571
ord572
ord681
ord578
ord685
ord101
ord102
ord103
ord689
ord104
ord610
ord105
ord612
ord613
ord614
ord616
ord617
ord618
ord619
ord542
ord543
ord650
ord544
ord545
ord546
ord547
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b07cb073c3cabd2e06b4d84211e2fb3c

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.data Size: - Virtual size: 135KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 120KB - Virtual size: 118KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: - Virtual size: 135KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 120KB - Virtual size: 118KB