c1eda502f93cfb27ab359369039c72a08e91a6574759affd3a997f261dc7f21c[.]zip

General

Target

c1eda502f93cfb27ab359369039c72a08e91a6574759affd3a997f261dc7f21c.zip
Size

54KB
MD5

69d75d32e0e9478755537bbe66eec266
SHA1

62bb06f5e34978a7e28b764715bbadee1229bf42
SHA256

c1eda502f93cfb27ab359369039c72a08e91a6574759affd3a997f261dc7f21c
SHA512

406fad890511e0f5ec27a1d63327d0533974d6d785b89c882d23ec289e5d64a9c61801f04b77da420f35397a978afec8de4bfc1eeada555db11441774e550a61
SSDEEP

1536:qMLVTQ+wRB8lBjH4PId9e0A/0axz1/rP01rhb2KfbfdZJ:qM53IS7YQDo/0uBrP62MbXJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/REVISED ORDER.exe

Files

c1eda502f93cfb27ab359369039c72a08e91a6574759affd3a997f261dc7f21c.zip
.zip

Password: infected
8985c5cb73dffe5d35d7f8c3975ab629303f4f582d1f7f6134638c57d1f89862.zip
.zip
REVISED ORDER.exe
.exe windows:4 windows x86 arch:x86

0423d0a3e2311a003d6bd832530bcba1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
__vbaEnd
ord697
_adj_fdiv_m64
_adj_fprem1
ord518
ord519
__vbaStrCat
ord553
__vbaHresultCheckObj
__vbaLenBstrB
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
ord591
ord592
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord708
_CIsin
ord631
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaAryConstruct2
ord563
ord673
_adj_fpatan
ord677
ord678
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
ord646
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
ord687
__vbaVarDup
_CIatan
__vbaAryCopy
__vbaStrMove
ord618
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

0423d0a3e2311a003d6bd832530bcba1

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 204KB - Virtual size: 203KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 204KB - Virtual size: 203KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 2KB