49e7c3101adbe0960bf72e5f2be17db2d2f5d61e6d8d48316fb34999639f87cd | Triage

Sharing

General

Target

49e7c3101adbe0960bf72e5f2be17db2d2f5d61e6d8d48316fb34999639f87cd
Size

1.2MB
MD5

5aafb95b460b15d640d0d619cf276dc0
SHA1

053a6a99753a4894e3e1462d02e54d3d38b420a9
SHA256

49e7c3101adbe0960bf72e5f2be17db2d2f5d61e6d8d48316fb34999639f87cd
SHA512

ac828307c7526a2b5a55d700a2f0e7e3e7561ed031a35bf263976fa507a74e4d0101026bb456585ca32a955984e6ff116c57261aeb6a9de3dc0bc59f01f9686d
SSDEEP

768:KkailpyeN2W/PigxQFbVNw/9iaPlslSDWF+ehQ3VpftpJ5yiyJyxQvWXoP3Ykei+:railpyFFKIH+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49e7c3101adbe0960bf72e5f2be17db2d2f5d61e6d8d48316fb34999639f87cd

Files

49e7c3101adbe0960bf72e5f2be17db2d2f5d61e6d8d48316fb34999639f87cd
.exe windows x86

17f2c4ba12a0428d155e56dad5236b30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord592
ord595
ord632
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord530
ord608
ord531
ProcCallEngine
ord647
ord100

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ