file1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file1.exe
Size

492KB
MD5

78e82f5f92f1bfc162f99c6bca1ba4d2
SHA1

b1249992b8014125f0245e3ce4550805aa92b560
SHA256

17ec2669038cc656f8899a3e772d1d35317875a8f94fbdde8d9f9b6fd803efcc
SHA512

ba488fdcc9923ea4ba4841983d0d35844eb120ba1fce8fa5aa37e53fbc41d7d93783afa9f910316f8eb8cfb65200f2e5427ac0f1b5fdc6b8c46fa80194bf19ea
SSDEEP

12288:nMExOrizaIrYY0nM4eOdUtxcVHo7Eut/F1xesr:nMkrYRUg1utZesr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file1.exe

Files

file1.exe
.exe windows:4 windows x86

f9bfccc82b6cfe6f82f41a3e115e0db2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord556
ord666
ord592
ord595
ord598
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord716
ord717
ProcCallEngine
ord535
ord685
ord100

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 480KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ