37444de2113212de922d3ed08356d52f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37444de2113212de922d3ed08356d52f
Size

360KB
MD5

37444de2113212de922d3ed08356d52f
SHA1

59c2a555a24a852afe2155e6e234d4486953bfc5
SHA256

cb7de78fb80680474e8181e67995e54faa6349fd0822296edd68d0c7694e178c
SHA512

aa61c84be28f3a3f1e836a5022b4a27fbca24a8a6ec2c7ce7ace4a98f137627102feeb70fbcb664c5a84bef704522817b29cf8fd2f56aeff61ae6879c364da48
SSDEEP

1536:8gDCC0yG3iEoWTb4cQHECdVeIGQTWj5CR4M9mC4cYHIzice:8ge3yG3WVLWjoaM9mC4PoziR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37444de2113212de922d3ed08356d52f

Files

37444de2113212de922d3ed08356d52f
.exe windows:4 windows x86 arch:x86

857bd8419f07c49db95bf989f2083a35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord593
ord594
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord537
ord644
ord572
ord573
ord685
ord100
ord619
ord581

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ