f60facd2813239e41472f729a5d54d89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f60facd2813239e41472f729a5d54d89
Size

20KB
MD5

f60facd2813239e41472f729a5d54d89
SHA1

f04880d04fee381082b88bf6c4798d2396310f18
SHA256

e11f281b00a516861e6756787696c6b5832384514c2574c8af8e3939735c7494
SHA512

c1e6617d8b7d764074a14ffea5256c3a10f0a2c128b93529aeff2ffeb34ad9d30aef300ee5fe8d3340597430b9b4859a23a5a842b834ab54815faad5e2041734
SSDEEP

192:aVs/LF+222XSSHl/t9hCgj4Wxr59Tc23/htx2tmDB9E:NRr22XSSFV/xrXTNptxWgO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f60facd2813239e41472f729a5d54d89

Files

f60facd2813239e41472f729a5d54d89
.exe windows:4 windows x86 arch:x86

109d0b13120081ecfabd14dc151a8b0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord713
ord607
ord717
ProcCallEngine
ord644
ord570
ord573
ord100
ord618

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE