Static task: static1

Behavioral task: behavioral1
Sample: 064af91e3862d68814c3b8a40d9a3ddb4de8cc33d8536516f70640ee37935061.exe
Resource: win7-20230712-en

Behavioral task: behavioral2
Sample: 064af91e3862d68814c3b8a40d9a3ddb4de8cc33d8536516f70640ee37935061.exe
Resource: win10v2004-20230703-en

General
Target: 064af91e3862d68814c3b8a40d9a3ddb4de8cc33d8536516f70640ee37935061
Size: 1.0MB
MD5: 875285c8969a9b9f5f5a35dcf1018baf
SHA1: 00cf4c5c71a3d1462021ca497ec8667e6be807cc
SHA256: 064af91e3862d68814c3b8a40d9a3ddb4de8cc33d8536516f70640ee37935061
SHA512: 607328ba21beb02926bf8f49913c97f7dfbef85888f8a60469680a22b823010da065a7ac5f780d70d003e6160d1455565c2a9ee2252e8948e5311104ec765f8f
SSDEEP: 12288:r7fOG/vCY/M5hM8q6JHdohzZVOTSqcxqRBKFdF6/u0OmeREJq:rjB/vr/M5K3zzxgBK4u0Om8EJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 064af91e3862d68814c3b8a40d9a3ddb4de8cc33d8536516f70640ee37935061
Files
064af91e3862d68814c3b8a40d9a3ddb4de8cc33d8536516f70640ee37935061.exe windows x86
debe154936077644b1bea41a9ca5faa5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord518
ord660
ord669
ord522
ord709
ord632
EVENT_SINK_AddRef
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord714
ord608
ord717
ProcCallEngine
ord537
ord571
ord573
ord681
ord685
ord100
ord610
ord612
ord613
ord616
ord617
ord618
ord619
ord546
ord581
Sections
.text Size: 88KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 944KB - Virtual size: 940KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ