1d9c4dece85a4cc3fcfbb694de71463f | Triage

Sharing

General

Target

1d9c4dece85a4cc3fcfbb694de71463f
Size

143KB
MD5

1d9c4dece85a4cc3fcfbb694de71463f
SHA1

005fa1584025c617363d59e98f809f3ba2080e0e
SHA256

bcf61ebb353fff4773f745fb56d68cb48ab4c4f4d4c2c67e9202b4c0ffd076d3
SHA512

7e6e280a0e2f9dab12ec554cbfcf398121f7ad7954d696eb91c34ce5363ee9e0d511014b8e8d262a138b1f12209e5a6d2ddaf90f703b1de443b5d0a3ea80df21
SSDEEP

3072:AKpgODOM5BkvGJcUWoriP7PgljYnDAZqpo:ZyEkeCS+7P3sZqpo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d9c4dece85a4cc3fcfbb694de71463f

Files

1d9c4dece85a4cc3fcfbb694de71463f
.exe windows:4 windows x86 arch:x86

b5bfdb4c23b9e9d3ee09fb46749ee711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord598
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord607
ord716
ord717
ProcCallEngine
ord537
ord644
ord573
ord100
ord616
ord619

Sections

.
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE