a11866f296696d747d60f826f80fcd21268d638c4ed505a758d696b7e0560ab3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a11866f296696d747d60f826f80fcd21268d638c4ed505a758d696b7e0560ab3
Size

184KB
MD5

d8745c085f44fe5a8c80966d5ed7ee98
SHA1

4edff1481e5318b9c4b25ad0b2504885af164b61
SHA256

a11866f296696d747d60f826f80fcd21268d638c4ed505a758d696b7e0560ab3
SHA512

c0a539535ec44191ed232335a36201d3e6ebf9147eac0b0bbb56ec4d36562897c60634afd9c7c75b815c1113dc8e4bd437c4886dbd52aee7544e055c9f259505
SSDEEP

768:iivE/NzwAIsFueP6VC18MZyuF7CpQjcI7XQME:TaIso1dMZ/FOpRIXQX

Score

N/A

Malware Config

Signatures

Files

a11866f296696d747d60f826f80fcd21268d638c4ed505a758d696b7e0560ab3
.exe windows x86

65c546fda9923b9caed15fd0da8fb679

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcW

kernel32

WriteProcessMemory

msvbvm60

ord582
ord583
ord584
ord696
ord516
ord628
ord660
ord593
ord520
ord525
ord632
ord526
DllFunctionCall
ord601
__vbaExceptHandler
ord606
ord608
ord716
ProcCallEngine
ord535
ord644
ord572
ord573
ord575
ord100
ord616
ord617
ord546
ord581

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ