4a51aa647587332cf4e0f8879d7a82a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a51aa647587332cf4e0f8879d7a82a8
Size

48KB
MD5

4a51aa647587332cf4e0f8879d7a82a8
SHA1

8871481852b68e51a5f658aae865c54b870bed06
SHA256

41d761ae8db2da6b90d70a9d4982f0897cb8790267108be8bd9272d341fc8395
SHA512

e5a134627576bc16610b53a296d961f301991f0c4ae8b61d3796a1f50113849e3588470789ff8ea7b4a801378f0ea7d7b255b4fe06c0ba42e58a22e62a69badc
SSDEEP

768:3iNUTYjGbOJNONjCVPCEsokl/9++rjJR9ec:3tMKb1ucokl/9Mc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a51aa647587332cf4e0f8879d7a82a8

Files

4a51aa647587332cf4e0f8879d7a82a8
.exe windows:4 windows x86 arch:x86

2b95def43c645bdec2b2bb4bc3b94fa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord516
ord595
ord631
ord709
ord632
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord530
ord608
ord609
ord717
ProcCallEngine
ord537
ord644
ord645
ord648
ord685
ord100
ord689
ord617

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ