066d43e3275b8ff04aa3b9bd1e785a03c23b60eb527d2f0dd386517fc4037780 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

066d43e3275b8ff04aa3b9bd1e785a03c23b60eb527d2f0dd386517fc4037780
Size

1.8MB
MD5

ec1e32f6ecb8e53bd7f98a1cb4ebd4ab
SHA1

7fa9c64e171c494912a8eba6446127e472749df1
SHA256

066d43e3275b8ff04aa3b9bd1e785a03c23b60eb527d2f0dd386517fc4037780
SHA512

61efd8c704459cc504c648f771eb04774db52c7f69ea12d9bab7d899f14c72f9bbd2d48c65d1744ff2ac3178086ba2abd1471c258d26e2e4edd33f597cca0232
SSDEEP

12288:Btb43gQ5LyBpXNsvyE8Ry3h/qRoGWQwndhOFyMqB/:scrXNc0y/QwnQyMs/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
066d43e3275b8ff04aa3b9bd1e785a03c23b60eb527d2f0dd386517fc4037780

Files

066d43e3275b8ff04aa3b9bd1e785a03c23b60eb527d2f0dd386517fc4037780
.exe windows:4 windows x86

708a0d9925c0da7a03b20d465db73756

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord588
MethCallEngine
ord512
ord516
ord518
ord626
ord552
ord553
ord662
ord593
ord300
ord594
ord301
ord595
ord303
ord304
ord305
ord306
ord307
ord309
ord631
ord525
ord632
EVENT_SINK_AddRef
ord527
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
ord310
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord312
ord313
ord712
ord713
ord606
ord714
ord608
ord531
ord716
ord717
ProcCallEngine
ord537
ord644
ord645
ord648
ord571
ord573
ord576
ord578
ord685
ord100
ord610
ord612
ord616
ord617
ord619
ord542
ord543
ord544
ord545
ord580
ord581

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ