d0141ff1cb3b68784f4489b666fc6d37babf13d8a4c33e3019a8a62c042fd6c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0141ff1cb3b68784f4489b666fc6d37babf13d8a4c33e3019a8a62c042fd6c3
Size

76KB
MD5

38d8e085ba60fb5e9462c935cba50952
SHA1

b894d7f854ec0de3672df0b4fd531e8710cafced
SHA256

d0141ff1cb3b68784f4489b666fc6d37babf13d8a4c33e3019a8a62c042fd6c3
SHA512

60c05d0d117bf49b62ff9007af0aece47dbadb4acd5f3fbd2f0a5fe5f4c28213d8d182aabd4c47151915f8dffa8dae7fe76f81d0974d35693fd304140839fb39
SSDEEP

384:e3LpRUx+ZfnNeiCyU0laI/mng/9knfwfkLaAGz7vLA7Z8h9DswGjyNN3nJ2PGiyO:XTjwA0zq8hCw9N3nJTiykgd

Score

N/A

Malware Config

Signatures

Files

d0141ff1cb3b68784f4489b666fc6d37babf13d8a4c33e3019a8a62c042fd6c3
.exe windows x86

d814336d0c9241d62751f5f0f87288bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcW
ShowWindow

msvbvm60

MethCallEngine
ord516
ord525
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord645
ord100

kernel32

GetProcAddress
FreeResource
RtlMoveMemory
LoadResource
SizeofResource
LoadLibraryA
FreeLibrary
LockResource
ExitProcess

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE