PipeData-PRO72[.]7z | Triage

Resubmissions

03-08-2023 05:45

230803-gfxq4acg4x 3

03-08-2023 04:49

230803-ff255sce41 7

Sharing

General

Target

PipeData-PRO72.7z
Size

95KB
MD5

88704a3a6820135d684e448b6457a002
SHA1

fa7d6af71b47976630aa255b73638f8725f542da
SHA256

8bbf980aebd28df8175c2b3d8956a0ebbb72de3a2b355329bbbb90fd0673a2d4
SHA512

248f10a37babb3de4ceb5c1e827fd391656296ed5cef6c964f44688f49a354c3d85ac6979114485b57847ee89b553ceb530f813bf27c5c2cd77d629c1fb12381
SSDEEP

1536:FWWCjavMKur1vOU6RsXk2fgnj6k0LnN6IjdrnW4nOnX9ot9nx1/V6OupTKlwNCej:EljFt1vObcvOj6k0LN6I5TWPX89ngt+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PipeData-PRO72.exe

Files

PipeData-PRO72.7z
.7z

Password: @pple@123
PipeData-PRO72.exe
.exe windows x86

Password: @pple@123

55913c55428872193bcb38688c9d21e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord585
ord588
ord589
MethCallEngine
ord621
ord519
ord660
ord595
ord597
ord599
ord631
EVENT_SINK_AddRef
ord527
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord530
ord609
ord534
ProcCallEngine
ord536
ord647
ord570
ord571
ord685
ord100
ord689
ord610
ord611
ord613
ord581

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ