f145120aff787a104298a23bbc0a66740a2db5943dabb4af45e90453ee4e2c76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f145120aff787a104298a23bbc0a66740a2db5943dabb4af45e90453ee4e2c76
Size

388KB
MD5

68cfc7c42001ddd443a30705c4ac5e4d
SHA1

27f7356851ca40e2490fedc8ab6af72b862bc155
SHA256

f145120aff787a104298a23bbc0a66740a2db5943dabb4af45e90453ee4e2c76
SHA512

f79ae605183ae743427f47cb60772a0167153b6cbe721a531694dcf679681f056f1735b1b9e7e50e7e249a1e5e6b628972995f7923e0b55791108a1e5bb09a24
SSDEEP

3072:MRMiMDcyj5IFVwAZlwys9ldN/i4+0ZhuW+mP34s5SGr+culS9F9xrj69:MRMiE79KwAZlVs9/smu2AVuKS9FH6

Score

N/A

Malware Config

Signatures

Files

f145120aff787a104298a23bbc0a66740a2db5943dabb4af45e90453ee4e2c76
.exe windows x86

57aec85b8994baa395f873f824332fb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory

msvbvm60

MethCallEngine
ord516
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord608
ProcCallEngine
ord644
ord100
ord616

Sections

.text
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE