04603fac1085cf848b09e4bdc5bfbfc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04603fac1085cf848b09e4bdc5bfbfc3
Size

1.4MB
MD5

04603fac1085cf848b09e4bdc5bfbfc3
SHA1

9abfe1305d2a47318de2d5c21024607f659142ea
SHA256

c03a4b0bed569606655eef2276005cc4a87fc6894ea8faa13ceba0c251f9fb95
SHA512

f03e79db01428093623dcab6fdba69a03448efb2d495e7c7c8342e5bd9a6c6c62ac6329e9a765215b8b8fde6a45484345edc4f4ecd9c741b36d1aee7b091b95d
SSDEEP

6144:xRSyV4L8VdRQ/vqkg1gEagdQHEnOZVdRQ/vqkg1gEagd:xRSyS8V7uikFgBsV7uikFg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04603fac1085cf848b09e4bdc5bfbfc3

Files

04603fac1085cf848b09e4bdc5bfbfc3
.exe windows:4 windows x86 arch:x86

983e89760a2d5046cf8e78ecb49fca23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord598
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord608
ProcCallEngine
ord100

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ