29f6aaa0443802775d6906224b6cefa8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29f6aaa0443802775d6906224b6cefa8
Size

6.5MB
MD5

29f6aaa0443802775d6906224b6cefa8
SHA1

082d7fc8d07f959e85dd66bc80510ea9d6d5fa63
SHA256

f058a2184db25a2fb6159dd2039d748eb29d5969135e7259e93270b26a20b6e0
SHA512

deff743c4ef558373ebe14373c097256c79aee7bd57cda1569763dd95a8ce00a342f001c74874a68ba56dc716f1ea12ecd11aca075c2b87a9b31a0b72615f177
SSDEEP

196608:mIEUabkTR6hmWnQzl0GMCIQMjDc4GCj11oNrarqA:mrnbk2ioCIQeDc4d1fT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f6aaa0443802775d6906224b6cefa8

Files

29f6aaa0443802775d6906224b6cefa8
.exe windows:4 windows x86 arch:x86

dd1352569303e3b273bd3993f9bd7d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord526
EVENT_SINK_AddRef
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord570
ord100
ord616

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ