70c1821953732ef743e4dd476c27ed23c3a590017cc4d9d0448f9477753ff4b4 | Triage

Sharing

General

Target

70c1821953732ef743e4dd476c27ed23c3a590017cc4d9d0448f9477753ff4b4
Size

1.4MB
MD5

d1ab9d4f2c2e7864b88e2fd6d8c5cb5c
SHA1

2f1e4d11411f486437212b27afb568d513d2857e
SHA256

70c1821953732ef743e4dd476c27ed23c3a590017cc4d9d0448f9477753ff4b4
SHA512

4a3ef0ddc3835b9130e4d24be90950d8d8718e27cb45ca986ea5fd577c98769ba18eaf258978daf3c29e259b9d2bcacabb0b57e1c129f76fe33de458074a1e3a
SSDEEP

24576:DlubgxKw3i5rPKlubgLlubgxlubgplubgalubghnoNlubg:D4sxKwy5ry4sL4sx4sp4sa4sc4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70c1821953732ef743e4dd476c27ed23c3a590017cc4d9d0448f9477753ff4b4

Files

70c1821953732ef743e4dd476c27ed23c3a590017cc4d9d0448f9477753ff4b4
.exe windows x86

7b447238236f82ddc08f33754b1a5943

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord587
MethCallEngine
ord300
ord301
ord595
ord303
ord304
ord598
ord306
ord520
ord307
ord309
ord631
ord632
EVENT_SINK_AddRef
EVENT_SINK_Release
ord600
ord310
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord312
ord717
ProcCallEngine
ord536
ord571
ord573
ord685
ord100
ord689
ord546
ord581

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ