197a53ffc255327c16116e8c2d2792f64cd36d941ad20163bfbc2c09c4d50b9e | Triage

Sharing

General

Target

197a53ffc255327c16116e8c2d2792f64cd36d941ad20163bfbc2c09c4d50b9e
Size

620KB
MD5

011612709fcceeee1561ba935d4de457
SHA1

7b8613476cf6dba51573d268d5dc019db5a37b68
SHA256

197a53ffc255327c16116e8c2d2792f64cd36d941ad20163bfbc2c09c4d50b9e
SHA512

945383e5e619530b3c3ee2517287b8a1c7b6078c7f46f85f9d0b5e09c76b2b1ec5b1aef8066bd77833cd8ca2ab673a725640202f4f7bd94a85a68a82f4742c81
SSDEEP

12288:7+zmFdjqmPKBjh1AF3944TEdEIlorCgxkae6dnq2r72o:CmMhuF3e1NorCgxkP6dnq2rqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
197a53ffc255327c16116e8c2d2792f64cd36d941ad20163bfbc2c09c4d50b9e

Files

197a53ffc255327c16116e8c2d2792f64cd36d941ad20163bfbc2c09c4d50b9e
.exe windows:4 windows x86

e518486e80743047371240816a724c17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord695
ord698
MethCallEngine
ord518
ord593
ord595
ord520
ord631
EVENT_SINK_AddRef
ord678
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord714
ord645
ord646
ord575
ord685
ord100

Sections

.text
Size: 576KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ