65551d9d5399282e855616682d287eed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65551d9d5399282e855616682d287eed
Size

84KB
MD5

65551d9d5399282e855616682d287eed
SHA1

7efe43cc06cfc254985a30ec10e5cda5d3be56a1
SHA256

5f608635f3a5070f1dc72f205b17c6a704f872a1d41233ae4f85eca0463feaf8
SHA512

15968be3c7ac9d306f1ea6be8de5ab166fbb076a000734a79df1bde8b9392d199c193c07b041442901d5dcafca19e3a42251faad2cb6d3cfdaecd31c57ee9562
SSDEEP

1536:tDfjt/fycIL1yj255k+8bxZNOc6fpC8UkAK6qm:tD7Y5Zhk+iHYC8UkAK6qm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65551d9d5399282e855616682d287eed

Files

65551d9d5399282e855616682d287eed
.exe windows:4 windows x86 arch:x86

45e0dadb15aa434dfadf64184d28d03d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord593
ord598
ord631
ord525
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord570
ord681
ord100
ord616

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ