Static task: static1
Behavioral task: behavioral1
Sample: 76d55cddaa1253ab2ab85ba801e0dc98.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 76d55cddaa1253ab2ab85ba801e0dc98.exe
Resource: win10v2004-20231222-en
General
Target: 76d55cddaa1253ab2ab85ba801e0dc98
Size: 920KB
MD5: 76d55cddaa1253ab2ab85ba801e0dc98
SHA1: 9c3bf0267a35ef24c32448d0475dcc76ee29b4bd
SHA256: e4b19f796783c4c84f768648ceb9e80039fb6ec1ca0e68d67e0ff6af702b64a6
SHA512: 75bd1ee9e338d10a84b97a60392cc689329ccb25de38b06e42157109c146617d61e2553a7a0c3807f7b2c5d8eaade0c21244dd324a3563041d6e98ad0c0cb4e0
SSDEEP: 3072:GRlzljC1H3lCs/Xko9u/7GW6qu1SSeAvxni5FbCqsdlU9Eg48t5OOTX/wSNspzWU:wlADW8De/OqklU9E6/ozF
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 76d55cddaa1253ab2ab85ba801e0dc98
Files
76d55cddaa1253ab2ab85ba801e0dc98.exe windows:4 windows x86 arch:x86
8b652661d5598e2ac65be0fb4b85eb99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord519
ord662
ord595
ord598
ord520
ord631
ord632
EVENT_SINK_AddRef
ord528
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord714
ord608
ord717
ProcCallEngine
ord537
ord647
ord571
ord572
ord573
ord681
ord100
ord612
ord617
ord619
ord546
ord581
Sections
.text Size: 912KB - Virtual size: 910KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ