474bd1a328ed9470933ee7a8228db29c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

474bd1a328ed9470933ee7a8228db29c
Size

40KB
MD5

474bd1a328ed9470933ee7a8228db29c
SHA1

14fe43b7d615d8db7729da56027ff0da45c2fae9
SHA256

fa00c141031a9839e6595c2d2b63c8e2c6dda4c6af2ad06ea2a8e29b33ee441c
SHA512

40217200945f308b5971b1910a3d85f10370bb42b1c169d1cbdc064f0df665104cda457e422b95c3c35ea8626fa0f6e044b3f933f1eda272a91dcd6c4471547b
SSDEEP

384:1fzr6iaVwJtNZt2Ldv1lstwT08vcJWiaV7r:1Plxjri/sGTvcXI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
474bd1a328ed9470933ee7a8228db29c

Files

474bd1a328ed9470933ee7a8228db29c
.exe windows:4 windows x86 arch:x86

478b67780788184fa8ea9d25d4555942

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord716
ord576
ord100
ord618
ord544
ord546

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ