Apollo Builder (Macro Exploit)[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Apollo Builder (Macro Exploit).exe
Size

461KB
MD5

34b9aa06d044f5922e238711c3c4205b
SHA1

e98370abd689b7e57ee75b125b5225a546332985
SHA256

6609f19f80c67ba3be92e1fcff71b7bda85c94ebae0076d655c6bb94d332b873
SHA512

c00515b667bc1852a16199e1b2588866604fed596f92221ef353393beff202e893396b10d2f05b2455e0784710cac2fdf1ddc9a3660cf8e73f15181da809c803
SSDEEP

6144:2MSSysDWpzsCLYj92g0+jRHiNyWWPudysEKXia4nZ:2MxWzs99Q+9lohSa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Apollo Builder (Macro Exploit).exe

Files

Apollo Builder (Macro Exploit).exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ