591b948b53b5aff8c4b169692e52e0d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

591b948b53b5aff8c4b169692e52e0d0
Size

632KB
MD5

591b948b53b5aff8c4b169692e52e0d0
SHA1

cbfc72715977e5b2cf8d2934215804376dec96f1
SHA256

cdb5e02a2f7cf4478483bb5a6a3e1a87373a89ae64340e5282bc59b044c192cc
SHA512

64bbf759bcea288765ec046540132c7c7d797755df735eb56a93d6520a6cbad25c311801fa495935e42b446710e076441437895cbb442739a82ff1a92098d918
SSDEEP

3072:tWBd5WXpYI+538b8Hpd3cN+UQTvK96iCAn+hQn2ThLUcDkNZjtm1ZSZ:3e1I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
591b948b53b5aff8c4b169692e52e0d0

Files

591b948b53b5aff8c4b169692e52e0d0
.exe windows:4 windows x86 arch:x86

49fc08656f9ffcf7a0fc294258ef56bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
ord665
ord597
ord599
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord100

Sections

.text
Size: 624KB - Virtual size: 621KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ