3ad91413c677e67092e20ac41c6fa869 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ad91413c677e67092e20ac41c6fa869
Size

24KB
MD5

3ad91413c677e67092e20ac41c6fa869
SHA1

335a7d7f4282b6cef1d44cfd71232c5de3d9c83d
SHA256

eb117c0975d1cd8f3d6895b1438e98383971c7d4babbd0c56186e2877dec74e5
SHA512

c1f989f063993aa6865b416bc28f3c478557f9e7e54b0330b3e5d727ade82dc386e20735bf6f9f9d12af75b1e7580cc4ca57c6cec546861ca735d90587cdb009
SSDEEP

384:MNVVnoDnCaRMzZLrjlH7x2aiSovodbDfEh7TwsN/q1VpawxYM5hJka0PeK:SVVnoDnZReDYLpodbDf87TBN+X5vGv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ad91413c677e67092e20ac41c6fa869

Files

3ad91413c677e67092e20ac41c6fa869
.exe windows:4 windows x86 arch:x86

19e5edbb740bddc467927e10d46bf0b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA

msvbvm60

__vbaVarTstGt

Sections

.text
Size: 21KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE