SandboxAnalysis_DownloadSample_141e0810297ed205ad354c172f5f49c9f426fc5c[.]zip

General

Target

SandboxAnalysis_DownloadSample_141e0810297ed205ad354c172f5f49c9f426fc5c.zip
Size

136KB
MD5

9e71dbd63bd92a6c57ef7f236495cb43
SHA1

9979fdbebf90ba9f78a98573d2fd7ce1790fa06b
SHA256

fde8acf971cba70ca0b162718f2683ceee54320ecb1457fec612e7f0769126f7
SHA512

e56832f8930c46240be4208a2acb9a068d894ab70f87f3a9ed3b95f9dbc7977133ac43a497577ef2d865dd1b3c2edab50589b892c4f067aa95609a9c9f7fef8d
SSDEEP

3072:XsJ+H0cyFU8gEKXbLR1fg3PPtcjnfSKZijOtcM/oMKSe:XDUI8gEKXbFAajfCxM//K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4BFCDAB91905089E1F37D268519CE18BEBD385C83AC10E0DEF8D4CF5BD47752D

Files

SandboxAnalysis_DownloadSample_141e0810297ed205ad354c172f5f49c9f426fc5c.zip
.zip

Password: Z01q_hXS
4BFCDAB91905089E1F37D268519CE18BEBD385C83AC10E0DEF8D4CF5BD47752D
.exe windows:4 windows x86 arch:x86

Password: Z01q_hXS

2e3c5862b0d41416137c918545ac1c06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaNextEachVar
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaForEachCollAd
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVarNull
_CIsin
__vbaVarZero
__vbaChkstk
EVENT_SINK_AddRef
__vbaVarTstEq
__vbaObjVar
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord607
ord716
__vbaFPException
__vbaStrCompVar
__vbaStrVarVal
ord537
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaLateMemCall
__vbaVarAdd
__vbaVarLateMemCallLd
__vbaLateMemCallLd
_CIatan
__vbaStrMove
__vbaForEachVar
_allmul
_CItan
__vbaNextEachCollAd
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: Z01q_hXS

Password: Z01q_hXS

2e3c5862b0d41416137c918545ac1c06

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 76KB - Virtual size: 74KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 128KB - Virtual size: 156KB

.text
Size: 76KB - Virtual size: 74KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 128KB - Virtual size: 156KB