674b260e854f9800479486830790c6fa17796e3fdb9159824f7bb98ff28b0569 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

674b260e854f9800479486830790c6fa17796e3fdb9159824f7bb98ff28b0569
Size

608KB
MD5

7cb385e8af2fabcf3bc8d6fa9537bcc6
SHA1

7850288c505b4d860a2f8474b130bba7b150f00d
SHA256

674b260e854f9800479486830790c6fa17796e3fdb9159824f7bb98ff28b0569
SHA512

07df1e82429897a84c592480130f95a24c92cca14fa91504b0dd2c24f586c3a19453f372e296ec3937782769c49d7ccb630d3e52f8505f3de6514aefa0d23b65
SSDEEP

12288:ufv00G0Ty+j/p1cRxaGOMcrxolc6x+Oo3L3BoP2YmLvTHnyCtilQ7BD8vJU:avjRrB1c7By6zo3tCYHnymIQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
674b260e854f9800479486830790c6fa17796e3fdb9159824f7bb98ff28b0569

Files

674b260e854f9800479486830790c6fa17796e3fdb9159824f7bb98ff28b0569
.dll regsvr32 windows x86

d69c6479660f6fc7022a75a7d35f4ebe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarSub

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 599KB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE