4a1f4ec39db137822b9c214007ccd8f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a1f4ec39db137822b9c214007ccd8f7
Size

336KB
MD5

4a1f4ec39db137822b9c214007ccd8f7
SHA1

b17bc77d32ee2bb0afcdb633ccb376a81d38cb0a
SHA256

bc9f34eb36d1ad53479d53b8516a2786f5755a0739076b24c489eb526e3fe9d8
SHA512

79a3fdd5910ca28d01f5ca7a4fb381b09e38951688140e9148e7f40b0ff6f5e117bab4464cc336350749b236a25b557302a43588b953245d094c52432bd81c76
SSDEEP

6144:QmMJAJyO6tyKRuXyUSlr7cR3SL5r5uwi1ixly5p7bV8enpng6F2hzJ0ub53qm1Vj:tJ05RuXyUZ1S3n/Y4n1X62Ww

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a1f4ec39db137822b9c214007ccd8f7

Files

4a1f4ec39db137822b9c214007ccd8f7
.exe windows:4 windows x86 arch:x86

a39604757b0f7d602998edc71a17f26b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord593
ord595
ord522
ord631
ord632
ord526
EVENT_SINK_AddRef
ord561
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord645
ord570
ord648
ord681
ord100
ord617
ord619

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ