2b149d7062ae59589a6cf1eeda98260f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b149d7062ae59589a6cf1eeda98260f
Size

296KB
MD5

2b149d7062ae59589a6cf1eeda98260f
SHA1

d553a1761b4fd7fe4e9ed9bc51baf9c5c16477d2
SHA256

cffb5cad4ba1eddfb3e8c9b1304735de10e42d0790a0db9e50a09896e1252661
SHA512

91acb1c983bc561d116843e72bb94db55ee38bedd727c3d13899f0e14ae75636de91cb4f6080aa62fab2d75f780bc07aaaa0d97a839b66d6316c33758f1cf344
SSDEEP

3072:gcDS1D2q+sg+swlSN9BkPFzW85u9ututumuOu+uxuOugujuju9u9ugu9uPuTu6u9:gXaq+sg+s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b149d7062ae59589a6cf1eeda98260f

Files

2b149d7062ae59589a6cf1eeda98260f
.exe windows:4 windows x86 arch:x86

48f76ac1850deaf8411d612fd247c507

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord183
ord187
MethCallEngine
ord517
ord518
ord593
ord594
ord520
ord632
EVENT_SINK_AddRef
ord527
ord528
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord645
ord648
ord570
ord681
ord100
ord431
ord616
ord617
ord619
ord542

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ