12647f48bb28e63f9e479e837654e666 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12647f48bb28e63f9e479e837654e666
Size

44KB
MD5

12647f48bb28e63f9e479e837654e666
SHA1

58c4481210819b81059bc6bbdc06ad9084e4672c
SHA256

83fdb427c25db87a0b79623b0e275eddea56d9438076d4cf7e3a752f80c47ce1
SHA512

33cae1d6299d8e6075c4057e1347b1ccc950872d1ce0cc52f1112e1432437d3e81c918f4cae02120809128ad9bed77e12dbf1fd4e1789de81f5d5fe76badf0c9
SSDEEP

768:+dCsEVHiSFh2FUXfXZDbWA9SaAb9kzARycc/cNxeC:+gswCS3mIDbWQSaARkUrN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12647f48bb28e63f9e479e837654e666

Files

12647f48bb28e63f9e479e837654e666
.exe windows:4 windows x86 arch:x86

4f1a4948930c23269622f037bcd58454

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord621
ord518
ord666
ord667
ord593
ord594
ord598
ord525
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord670
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord716
ProcCallEngine
ord535
ord645
ord570
ord648
ord100
ord617
ord546

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ