28195091dd5c69f4ecc9f2a400ebb47f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28195091dd5c69f4ecc9f2a400ebb47f
Size

32KB
MD5

28195091dd5c69f4ecc9f2a400ebb47f
SHA1

397d5ee6b48107ba5552ede0bcd94092e1474f81
SHA256

4b8d1bca1244edf78fce861e80a28f292790be43d57874c9ba75ac93c45992c0
SHA512

4cd1b84df31c0a2a8c6c5fe22ad9c95f122f8d4c4a2514c40ddf0c42c65c604d57c314c56dd13b6d05fe6c9cf4cc34c1f179e404b705d0458f7d9132a4eb50f4
SSDEEP

384:wJiyKpnXJz+zbz6jlHU3hUrJtfG4A7aV3/0tKIm2HH7ceR2AJmPmpEIDyWCAkDso:+iyKn+zdWr64l3stKIbHHg1zeil

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28195091dd5c69f4ecc9f2a400ebb47f

Files

28195091dd5c69f4ecc9f2a400ebb47f
.exe windows:4 windows x86 arch:x86

a11012d98263022440e0bfbbc4366d32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord516
ord518
ord660
ord593
ord594
ord598
ord520
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ProcCallEngine
ord535
ord645
ord539
ord648
ord576
ord578
ord100
ord579
ord689
ord617
ord619
ord546
ord580

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ