6871952a94b5c3c391bf33d0cf387845 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6871952a94b5c3c391bf33d0cf387845
Size

36KB
MD5

6871952a94b5c3c391bf33d0cf387845
SHA1

12bd8fd994ad55cb95eec6461a396667309e3fac
SHA256

884c12c3d1ef4e716b6aa2423812ba6c84ebaeb9684f70c5e7c2b70102d3ef79
SHA512

754b2215f2efe01008648e125cc7548cf06477b0e676c609a18e0ed378d08663b6889d7b04e3ea008300a7d32272abe1804187be8f7bebac55154d3d5e348c7f
SSDEEP

768:YAA1S2l26IbxQYB5o0NcMZKbRDNXz/x/3AZCZwSx7EQS8OKyNmRLSh:YJl2Ka5o0NelD91OCeSx7u8ZdQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6871952a94b5c3c391bf33d0cf387845

Files

6871952a94b5c3c391bf33d0cf387845
.exe windows:4 windows x86 arch:x86

3f23da773aa68a2cf6453f3f669f059f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaStrI2

Sections

.text
Size: 29KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE