Static task: static1
Behavioral task: behavioral1
Sample: 36da459a10612b047ce5eb71a914608335d187c70769174816524b12d626818e.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 36da459a10612b047ce5eb71a914608335d187c70769174816524b12d626818e.exe
Resource: win10v2004-20230220-en
General
Target: 36da459a10612b047ce5eb71a914608335d187c70769174816524b12d626818e
Size: 428KB
MD5: 5ea51909f6af666e3b0ef0e7b9718c85
SHA1: 38badea60b86a824ef8939c4c9f35803e16aa3e6
SHA256: 36da459a10612b047ce5eb71a914608335d187c70769174816524b12d626818e
SHA512: 2ced4ce15977dfde61410947b1a49f4430173e5cfe78fa1a0dacb3abd8059daac09b446c95dfe0c4f47d1b0d081d1194e2d9b0e66fe996457f43acc848fb97e0
SSDEEP: 6144:upmBWhbM+610o6t/biTWt/NL1GO3+aCqXJjkVBt6V:XCbMB07pbOWgO3+aCqXJwQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36da459a10612b047ce5eb71a914608335d187c70769174816524b12d626818e
Files
36da459a10612b047ce5eb71a914608335d187c70769174816524b12d626818e.exe windows x86
cd5f5592efddac412795a30eae68365d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
Sections
.text Size: 420KB - Virtual size: 417KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ