aeaba7f464f7a88875006f1cf1b004a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aeaba7f464f7a88875006f1cf1b004a5
Size

40KB
MD5

aeaba7f464f7a88875006f1cf1b004a5
SHA1

d4508db81ada1891f93fd3a4ebb985379bb5bf72
SHA256

b992e79d412595c165426f31fa02507e64d3ea22f4b900e4a72a7195597645d1
SHA512

23d73c18d77bac097c5434c77367f1aa46f45a48f188b6fe31425a5e6410b444e31c83dd856603df647b61667ec9b2987e02bb0f74c6f55be6e5a0f6c2fe1351
SSDEEP

384:uXWT1aHFF0yP1tTrpsYbZWwBYmaN1433EAE7tS+yvtzIe/tfF17e/7e/KCe/+P:4WTkFFHXgtmaNmkAEBSLvL5nC6m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeaba7f464f7a88875006f1cf1b004a5

Files

aeaba7f464f7a88875006f1cf1b004a5
.exe windows:4 windows x86 arch:x86

3697944a64a62226d23da3306d9467c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

thumbs .db

MethCallEngine
ord516
ord666
ord595
ord598
ord520
ord631
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord716
ProcCallEngine
ord645
ord576
ord100
ord616
ord617
ord619
ord580

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE