Static task
static1
Behavioral task
behavioral1
Sample
f0a0b65d9d0bda2c7957419498af80f8.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
f0a0b65d9d0bda2c7957419498af80f8.exe
Resource
win10v2004-20231215-en
General
Target
f0a0b65d9d0bda2c7957419498af80f8.exe
Size
1.1MB
MD5
f0a0b65d9d0bda2c7957419498af80f8
SHA1
78d7357c45bb25eff82cd0333e6cb5c8316a49b7
SHA256
c1b0fe2cbc53ee12c9185b38aa8101efa6b841ae114813fd9e4b5778a8aba5e9
SHA512
ae0409659ab881376149b4c4dd5bb0f8d16b202a68da35c3448abce5f9fd5f832156022198beb554f0a19d644d5bb7a527e7f795acff79944368539421c4838a
SSDEEP
24576:o6q3iSoBc6r2FJf3z9tooY2UPCHUc9biyyE8AacjwxD6:oNDK2vx7H39b9yEDwxD6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f0a0b65d9d0bda2c7957419498af80f8.exe
Files
f0a0b65d9d0bda2c7957419498af80f8.exe.exe windows:4 windows x86 arch:x86
8da9b0165415dfe65aff506e64b84e5b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord660
ord662
ord666
ord667
Zombie_GetTypeInfo
ord669
ord593
ord594
ord595
ord599
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord716
ord717
ord319
ProcCallEngine
ord537
ord644
ord572
ord100
ord320
ord321
ord616
ord617
ord619
ord546
Sections
.text Size: 88KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 108KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ