4ff8d534936b56be02bfab47bb86cdd6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ff8d534936b56be02bfab47bb86cdd6
Size

692KB
MD5

4ff8d534936b56be02bfab47bb86cdd6
SHA1

1b8e63a60faf453bea1fd427d0a7e6a711366696
SHA256

5cf9182643ebb6dd77f4bebf86f71a0a99ec676e8cec76959c26781b8f510ac3
SHA512

2a0198e041a5de0e218f4be9e9436c25a01f6a99b66fbd60e91ae6fa1321f0e7bed9407844e95e6d065f96802cba901493eabb267c1fd9d64dc295db417a93fa
SSDEEP

6144:D9lRHVbpryhki0VGb+nE5CegF/PbyV1zx:3RHVbpr3VVKaE5ChdbyDzx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ff8d534936b56be02bfab47bb86cdd6

Files

4ff8d534936b56be02bfab47bb86cdd6
.exe windows:4 windows x86 arch:x86

e4305110973a4d2421698e63f553ab9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord595
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord537
ord681
ord100
ord581

Sections

.text
Size: 684KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ