0f38b9b414ae76279fc314fa6a4142f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f38b9b414ae76279fc314fa6a4142f5
Size

157KB
MD5

0f38b9b414ae76279fc314fa6a4142f5
SHA1

2899c1a86e8232abfd7e3c40671cd4bfae9c015c
SHA256

0bd3db8970a666f4438c8a0f586563fa0f33f4d1cd1808376a2ee2027d6186f3
SHA512

0fdc6101b19c5607b0db1116687545c1c4209de578990af76c42e873594a8edb0ab52d230071e473f346d560c6c50fb3b46262f0f4d7ca8c9283f760576c014b
SSDEEP

3072:ywxvzjZtj1iJif4FqzRoUW/nXxInVIJ7RiTs5qd1rwOyb/qdYx12Qa4A7KVATwrN:lnVkif4PTXxInVIJ7RiYqDZfdOaduSoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f38b9b414ae76279fc314fa6a4142f5

Files

0f38b9b414ae76279fc314fa6a4142f5
.exe windows:4 windows x86 arch:x86

ea24632d093e05ed21274283190f71fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA

msvbvm60

__vbaVarSub

Sections

.text
Size: 21KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE