044965327a74b6f097ba93f5e1b04f23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

044965327a74b6f097ba93f5e1b04f23
Size

72KB
MD5

044965327a74b6f097ba93f5e1b04f23
SHA1

0dc69e5a7691f2a647a9e053bbfd3cf9fa746290
SHA256

157d236687430626eb37c73cdf2bb3c42557db0329e0ebaaa394e526eeedf9e2
SHA512

458709db188e5e5d739123cf18a1d4010f8095cbe66592af965ab247e79739f229910913b90f568dc9e705580e7e4fa31901005ba2826183dec44f2df71a3c09
SSDEEP

768:B+7/DurbNRady/YleuJlVnRkwZ91bIPuiEuffrQiDIXgejtt5inO2IBvSVPpKfxL:B2uN491bIWinffxIX3tt5ijIBEpKfxL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044965327a74b6f097ba93f5e1b04f23

Files

044965327a74b6f097ba93f5e1b04f23
.exe windows:4 windows x86 arch:x86

113a17916297563601e5b5d03032991b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60.dll .

MethCallEngine
ord665
ord526
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ord644
ord537
ord570
ord648
ord681
ord685
ord100

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ