18cf7c5ed5bf62329dff8e7a06659b86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18cf7c5ed5bf62329dff8e7a06659b86
Size

1.5MB
MD5

18cf7c5ed5bf62329dff8e7a06659b86
SHA1

234fd9b884416006ff86ae392822cad2158f947f
SHA256

70b442f04587fb2bd26e0d9e55180bfbf7ec594d2696b699bff2b9d3ce84beef
SHA512

6e845d64152d9df3768ad226133c87b6ea3a174423ba3d0b7b4d996122f2e040147269dd4aa5355a2b356794606f812c88994bce55a777b7cd745e132c23dbbb
SSDEEP

24576:dnfXTAnk7En2M3XU4K3LAUtWBxk4DsJMHZ+T7bb2hT:d/TAnk7qPnU/LAUtcD0T7+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18cf7c5ed5bf62329dff8e7a06659b86

Files

18cf7c5ed5bf62329dff8e7a06659b86
.exe windows:4 windows x86 arch:x86

9a57735aefbdd11a23987eeb50935f70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord698
ord598
ord631
ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ProcCallEngine
ord570
ord648
ord578
ord100
ord617

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ