1f1720af21bba7dba302b1c07c938b91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f1720af21bba7dba302b1c07c938b91
Size

716KB
MD5

1f1720af21bba7dba302b1c07c938b91
SHA1

61458a8314c6756ea2f68b3ebed0063d1a3fcda0
SHA256

26d9c51ce7e93ae105952157496aa634c39bbb0195f121acd8be45e70d42420e
SHA512

6f2ec3f9163b84dd8ea7786007cb671799cbc967152fe7edf110499dc9c0ce382706837555f8ee34cb2aeec562d95f018ca4a54e1d6078f606969adb8c5605fb
SSDEEP

12288:wZEjJXbKBNxDaL3gd1tr6ZS2XJjR3ZyxOPCL+9J4dg3yvf7byI+88888:MyJrKBN90gd1tSp5VsxOPCqnZ6jbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f1720af21bba7dba302b1c07c938b91

Files

1f1720af21bba7dba302b1c07c938b91
.exe windows:4 windows x86 arch:x86

ff7a30d4fd220d549221bf3849199d9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord517
ord519
ord598
ord599
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord685
ord100
ord617

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 472KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ