539bf24d0d0979b9388291e0a598368c | Triage

Sharing

General

Target

539bf24d0d0979b9388291e0a598368c
Size

20KB
MD5

539bf24d0d0979b9388291e0a598368c
SHA1

886bcd1415e762c2465c33a01afc5b8edf654825
SHA256

d9d37fd867681fce510f02525ec56c4d27b8ead48838cc58961aeab74ef915c1
SHA512

e71bcd09527ff8b4c5f59e03bc9e9dfec0beee8646bc3f19fbee993ca51290e58b460281a27820875db71eb6e5d941244390ccdaad4769199fe75f9a7e586fe9
SSDEEP

192:A2lLi68Yo+SY68GZZUulnUu0GT4jE+1Q4sCueT8YnFhelLi6:7lL98vDPlnUuVTkE+1QZAThelL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
539bf24d0d0979b9388291e0a598368c

Files

539bf24d0d0979b9388291e0a598368c
.exe windows:4 windows x86 arch:x86

c3c2fa96bebc2a0c1e0f88107dca58b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord520
ord709
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord716
ord685
ord578
ord100
ord580

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ