4637416c03ef6d6057f5b67ccbda3eae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4637416c03ef6d6057f5b67ccbda3eae
Size

36KB
MD5

4637416c03ef6d6057f5b67ccbda3eae
SHA1

8c32d1fc34ebcba1c6a0d0cd18ce26f8c3e337ae
SHA256

3da7a6cbe227ae68550b2424f08c2537724e58f92364befb6afa8b220ccbe594
SHA512

0f9ab710d3cddf60d2265d62856eacc37eb0935bbab35a0cdd73a27868e184e59c535a428c1ff4e74e7595cba93ec1cc2c7966939a480dc080da4262e8e65bcb
SSDEEP

384:YHNk7SjsaDhgRVO1veCSLbSaI/TBWdrT3lTAeJK:YH6mjsuGRmedbSRYdrT3xAX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4637416c03ef6d6057f5b67ccbda3eae

Files

4637416c03ef6d6057f5b67ccbda3eae
.dll regsvr32 windows:4 windows x86 arch:x86

6982631358c94dc05729c53f3b7803c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord518
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord592
ord520
ord632
EVENT_SINK_AddRef
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord319
ord645
ord648
ord571
EVENT_SINK2_AddRef
ord101
ord102
ord103
ord104
ord610
ord105
ord320
ord612
ord321
ord616

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ