Static task
static1
Behavioral task
behavioral1
Sample
79f4a2eff9db199dcb3f89f8987407ac.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
79f4a2eff9db199dcb3f89f8987407ac.exe
Resource
win10v2004-20231215-en
General
Target
79f4a2eff9db199dcb3f89f8987407ac
Size
772KB
MD5
79f4a2eff9db199dcb3f89f8987407ac
SHA1
c5cbe442d44b1807cb133edd841c1974552bb478
SHA256
e06f31efa02fcbedf97a478e4358d8c68eff538cd36353759dbef0697919e443
SHA512
9f295941493aebfbe3de8d544d88b85fe91b0c7fbe633369a3f9973383dc7ebc31bf4c5b8093787819e850951bc47ddebadab1f3c75e04c8e9dbef8a378d01e8
SSDEEP
3072:3NR6+YA7gN/uXLBre8YzTzjyG9Iph7OLb34dlTwN/uXLBre8YzTzjyG9Iph7OLbk:3NR6DXNXxdp5HNezcq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 79f4a2eff9db199dcb3f89f8987407ac
Files
79f4a2eff9db199dcb3f89f8987407ac.exe windows:4 windows x86 arch:x86
d4832f35464c842e8b2bd5b133d13c4b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord588
MethCallEngine
ord620
ord516
ord517
ord301
ord595
ord598
ord520
ord307
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord537
ord570
ord648
ord571
ord573
ord681
ord685
ord100
ord616
ord617
ord618
ord619
ord580
ord581
Sections
.text Size: 760KB - Virtual size: 758KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ