MDE_File_Sample_802fe2d8cba5e2c99824bd2d4e996bacb3ed0648[.]zip

Resubmissions

28/12/2023, 23:10

28/12/2023, 22:47

28/12/2023, 22:25

Target

MDE_File_Sample_802fe2d8cba5e2c99824bd2d4e996bacb3ed0648.zip
Size

17KB
MD5

11f87ed07e0f21daa93c38b2662d68fc
SHA1

40d8227d9d9d35c196d85ac5adbbeabc1ab8b4e7
SHA256

8d4a4d67265d3e143832ca9677394d86cd7dbfaa08da8c4eab918e84934d50ed
SHA512

5791e7445d6864eb1eff187c4f721ea9e6900415b2ff280c6f87b109a4e75031c761da0372298208325d5dda01e6e6d9f30143daef5de9ebd8c96d9931639f8e
SSDEEP

384:qTn7ImQExedsipfFIv6OsSDkEwdKag7UE+c24KMIUMcVM:47RQIedsgFIvRCdKaggE+nMEIM

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Administrador de conexiones.LNK

MDE_File_Sample_802fe2d8cba5e2c99824bd2d4e996bacb3ed0648.zip
.zip

Password: infected
Administrador de conexiones.LNK
.exe windows:4 windows x86 arch:x86

Password: infected

a3be736ba74958f3dc8dd295ec266782

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord558
ord592
ord595
ord598
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord605
ord607
ProcCallEngine
ord537
ord685
ord100
ord689
ord616
ord618

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE