8b6c351b8fc08d20c5159945f388587c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b6c351b8fc08d20c5159945f388587c
Size

108KB
MD5

8b6c351b8fc08d20c5159945f388587c
SHA1

56cf51ec28126b1f9ce9700071065ddf68c246bc
SHA256

6dea12aa376ae2dd0343d54efca5297ba54619e5087844ec0dd40de911b96ecf
SHA512

f62b8716cee340dcda35612b2dd72c31d2980701fc1d3bf8f10f612b7dcae39584eefbc9af5c1e932e3c3efb7e20634047d71f31be7896a4182eb34acf21ac09
SSDEEP

1536:d3NdNofxuR8Lf9b3iqGpA+GtJu+Gc3iqGpVFf5aR:BNdNiXfQzpXAJRGzpvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b6c351b8fc08d20c5159945f388587c

Files

8b6c351b8fc08d20c5159945f388587c
.exe windows:4 windows x86 arch:x86

560ada3e895ae3ac1685db5571ca73b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord717
ProcCallEngine
ord644
ord570
ord685
ord100
ord616

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ