79af8e07330d86ae3559dfc3f04a18e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79af8e07330d86ae3559dfc3f04a18e0
Size

352KB
MD5

79af8e07330d86ae3559dfc3f04a18e0
SHA1

e52b362d1bef83013628e75d91125d9d6f36654a
SHA256

62606f750454a64fe4a95ea28066f873cc7108c967b1024a83bc98d9f2c06527
SHA512

8818064d665d6f7b354c693d9e1e2e5fcf82618feede4583026030368f06fe1db50a4eb26724f80a59f5f2168d4e6314b86a10f22904800bce155b27b6653469
SSDEEP

6144:42MkjN4YK/40TOLSuxb8TRG4/Gq85fn0wIkndo5QhYE9JHQcGGlY3EBN:0YMOLORttgn0s25QhhJHgG9X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79af8e07330d86ae3559dfc3f04a18e0

Files

79af8e07330d86ae3559dfc3f04a18e0
.exe windows:4 windows x86 arch:x86

35d8b3b55e015ec771921fa25fa1e4b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord667
ord526
DllFunctionCall
ord600
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100
ord610

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ