518ff26d19309673592ebf984d12e893 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

518ff26d19309673592ebf984d12e893
Size

101KB
MD5

518ff26d19309673592ebf984d12e893
SHA1

d425ed5d9d8793d65511d3f1c02815cadbe875b5
SHA256

75928cf4617a7d34f6d63d314151b123ff45428e81edb1dfaa126ffe1bcc79e7
SHA512

9f9c8a28b4c6db7e17e3f7ebeec2fbc963eefc15c168e60f4187bbc79601b0a6eb8580ec2190e538abd8550b2c8c107941454784e87e51e7c6c60f5363c01992
SSDEEP

3072:Rgs+DIrOUHMTWFkCPK7uNb1nx7T0ZhuW+PJ7h:Rgs+UrO62H1uNbpNCux7h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
518ff26d19309673592ebf984d12e893

Files

518ff26d19309673592ebf984d12e893
.exe windows:4 windows x86 arch:x86

d69c6479660f6fc7022a75a7d35f4ebe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarSub

Sections

.text
Size: 69KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE