fec67d4633516c6345ecfde31f30b7b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fec67d4633516c6345ecfde31f30b7b8
Size

377KB
MD5

fec67d4633516c6345ecfde31f30b7b8
SHA1

0137a19b6bbb2572b8270654cdfd19a0e0a00a85
SHA256

eb13ba32c1c433c224da07c0c62d92960232fd821dd5c672a6a07f1bb0359ff9
SHA512

2eabdcbfc9e63b2ef39f434a87b1248ea816304ef38973ba65aabb934d2e678f46af49ccaf5512920145936ee36bb8b61dc5de1a20fb83d801c823a8157994a7
SSDEEP

6144:Rb0V8cmI13zuuuxNyTufBcB6z2GSdFHAaAKUI7g12TX9rOv9haT:GjX13Wy7XGSCKP7gqkv9cT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fec67d4633516c6345ecfde31f30b7b8

Files

fec67d4633516c6345ecfde31f30b7b8
.exe windows:4 windows x86 arch:x86

aca0f90dc907e941ae94ac0c52a56f90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord665
ord667
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord717
ProcCallEngine
ord644
ord537
ord578
ord100

Sections

1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE