049584d8a21bf43facaa76e0c327e678 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

049584d8a21bf43facaa76e0c327e678
Size

71KB
MD5

049584d8a21bf43facaa76e0c327e678
SHA1

b3ed625e17d973e62060c66d96035338f100fb64
SHA256

0a82a7713bf94d496627476596cd521a8a3c4c4ec555e0af49c0ee939af3578f
SHA512

bed2dff5b5716f6648577ca9511582b1ccc7144a68f63079530f4a051cfab6e1fb6adca44cec2f2950e0c581f5e0a53c981ff0b88051ac0bfd5b72d0ba3e538d
SSDEEP

1536:xmEYVDG8gobIx4RQe5xhGvcfRQ4RoS/q1E4pDm36MjC70r:0rbT1xhWMaiqW4NL370r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
049584d8a21bf43facaa76e0c327e678

Files

049584d8a21bf43facaa76e0c327e678
.exe windows:4 windows x86 arch:x86

e39d037acde6b096f84bdccfceac0cd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord666
ord595
ord631
ord526
DllFunctionCall
ord601
__vbaExceptHandler
ord711
ord606
ord717
ProcCallEngine
ord644
ord537
ord578
ord100

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ