Purchase_Specifications[.]xls

Sharing

Copy URL

Twitter E-mail

General

Target

Purchase_Specifications.xls
Size

89KB
MD5

bd3bc369b662a2a535dc0d2594cd5382
SHA1

4a7fc4e0d97e530c197dee293187b46d3a6545aa
SHA256

6a6694d8f20335031b678ac80057b40fc6b428e9c1eb5c6f013ee8673a3bdec2
SHA512

1f2b27b086650206e5d3d02fd44750d4ab94017a4de310e34134dbcfb48f7afc5b6b0161c05db128b80814156523846e20e4e3e76400c98b8185939006203003
SSDEEP

768:35WNN1P5o3lP+PCp9wDw7/4p8ZrlpDtBUIl3C:35cN3o3lP+PCp9wDherlpfUe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Purchase_Specifications.xls

Files

Purchase_Specifications.xls
.xll .xls windows:1 windows x86 arch:x86

793a0219efb93b7489d5adee7877d38a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeviceCapabilitiesExW
SetDIBColorTable
MaskBlt
SetMiterLimit
GetWindowOrgEx
EnableEUDC
RealizePalette

oleaut32

LPSAFEARRAY_UserMarshal
VarUI2FromDate
VarUI4FromI8
VarUI1FromStr
VarCat

wininet

GopherOpenFileA
InternetOpenUrlW
InternetSetCookieW

Exports

Exports

xlAutoOpen

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hJTgz
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

39LQgBl
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

iGRiqG
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sgOm9tq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

7DijO
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

b
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pyg5
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

aur
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

dtu
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

R0Tm5
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

4D
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

F84MN4
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Cmc3mlo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

iZyeuR
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

bw7SQZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

g
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l1cInx1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

v
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Z5csx
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YY7
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

VyRva
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TqET
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

G
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

gEL
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

nxO2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

KWUl
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lK8
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

yc11nn
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

1U9wQo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

73zZg0P
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XJV0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

S05e
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ai8isP
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

A
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WPiMPH
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

K3Fgqf
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Hopt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6tOWlp9
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

NpAF
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NUtr9bR
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

4yQwT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 108B

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

793a0219efb93b7489d5adee7877d38a

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 512B

1 Size: - Virtual size: 512B

hJTgz Size: - Virtual size: 512B

39LQgBl Size: - Virtual size: 512B

iGRiqG Size: - Virtual size: 512B

sgOm9tq Size: 4KB - Virtual size: 4KB

7DijO Size: - Virtual size: 512B

b Size: - Virtual size: 512B

pyg5 Size: 4KB - Virtual size: 4KB

aur Size: - Virtual size: 512B

dtu Size: - Virtual size: 512B

R0Tm5 Size: 4KB - Virtual size: 4KB

T Size: 4KB - Virtual size: 4KB

4D Size: - Virtual size: 512B

F84MN4 Size: - Virtual size: 512B

Cmc3mlo Size: 4KB - Virtual size: 4KB

iZyeuR Size: - Virtual size: 512B

bw7SQZ Size: 4KB - Virtual size: 4KB

g Size: - Virtual size: 512B

l1cInx1 Size: 4KB - Virtual size: 4KB

v Size: - Virtual size: 512B

Z5csx Size: - Virtual size: 512B

kE Size: 4KB - Virtual size: 4KB

YY7 Size: - Virtual size: 512B

VyRva Size: - Virtual size: 512B

TqET Size: - Virtual size: 512B

G Size: 4KB - Virtual size: 4KB

gEL Size: - Virtual size: 512B

nxO2 Size: 4KB - Virtual size: 4KB

KWUl Size: - Virtual size: 512B

lK8 Size: - Virtual size: 512B

yc11nn Size: 4KB - Virtual size: 4KB

1U9wQo Size: 4KB - Virtual size: 4KB

73zZg0P Size: - Virtual size: 512B

XJV0 Size: 4KB - Virtual size: 4KB

S05e Size: 4KB - Virtual size: 4KB

ai8isP Size: 4KB - Virtual size: 4KB

A Size: 4KB - Virtual size: 4KB

WPiMPH Size: 4KB - Virtual size: 4KB

K3Fgqf Size: - Virtual size: 512B

Hopt Size: 4KB - Virtual size: 4KB

6tOWlp9 Size: 4KB - Virtual size: 4KB

NpAF Size: 4KB - Virtual size: 4KB

NUtr9bR Size: - Virtual size: 512B

4yQwT Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 108B

.reloc Size: 512B - Virtual size: 8B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 512B

1
Size: - Virtual size: 512B

hJTgz
Size: - Virtual size: 512B

39LQgBl
Size: - Virtual size: 512B

iGRiqG
Size: - Virtual size: 512B

sgOm9tq
Size: 4KB - Virtual size: 4KB

7DijO
Size: - Virtual size: 512B

b
Size: - Virtual size: 512B

pyg5
Size: 4KB - Virtual size: 4KB

aur
Size: - Virtual size: 512B

dtu
Size: - Virtual size: 512B

R0Tm5
Size: 4KB - Virtual size: 4KB

T
Size: 4KB - Virtual size: 4KB

4D
Size: - Virtual size: 512B

F84MN4
Size: - Virtual size: 512B

Cmc3mlo
Size: 4KB - Virtual size: 4KB

iZyeuR
Size: - Virtual size: 512B

bw7SQZ
Size: 4KB - Virtual size: 4KB

g
Size: - Virtual size: 512B

l1cInx1
Size: 4KB - Virtual size: 4KB

v
Size: - Virtual size: 512B

Z5csx
Size: - Virtual size: 512B

kE
Size: 4KB - Virtual size: 4KB

YY7
Size: - Virtual size: 512B

VyRva
Size: - Virtual size: 512B

TqET
Size: - Virtual size: 512B

G
Size: 4KB - Virtual size: 4KB

gEL
Size: - Virtual size: 512B

nxO2
Size: 4KB - Virtual size: 4KB

KWUl
Size: - Virtual size: 512B

lK8
Size: - Virtual size: 512B

yc11nn
Size: 4KB - Virtual size: 4KB

1U9wQo
Size: 4KB - Virtual size: 4KB

73zZg0P
Size: - Virtual size: 512B

XJV0
Size: 4KB - Virtual size: 4KB

S05e
Size: 4KB - Virtual size: 4KB

ai8isP
Size: 4KB - Virtual size: 4KB

A
Size: 4KB - Virtual size: 4KB

WPiMPH
Size: 4KB - Virtual size: 4KB

K3Fgqf
Size: - Virtual size: 512B

Hopt
Size: 4KB - Virtual size: 4KB

6tOWlp9
Size: 4KB - Virtual size: 4KB

NpAF
Size: 4KB - Virtual size: 4KB

NUtr9bR
Size: - Virtual size: 512B

4yQwT
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 108B

.reloc
Size: 512B - Virtual size: 8B