Static task
static1
Behavioral task
behavioral1
Sample
8c6018cfc3a1b774fc079df934fc2432.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
8c6018cfc3a1b774fc079df934fc2432.exe
Resource
win10v2004-20231222-en
General
Target
8c6018cfc3a1b774fc079df934fc2432
Size
13KB
MD5
8c6018cfc3a1b774fc079df934fc2432
SHA1
1aee8c28be117f875a5c0b96f04850b3a8fa70ca
SHA256
1471a9c616b0e08b64cb6f87db67462f5884e03f74e539f183a3329d550be6d0
SHA512
d527965a2adfd50c04331a37b17af273638fa49cc8bf4200303fa9089382af7044fe3836e4f26c7bea45c14e0a2076305270404dd1d9c8945fc4687d3ee11183
SSDEEP
192:GHG/bkvpm/xbt62Nnfq18zIjsisrscldEHVunAGAzhkv21My3kElU2LyEg:CUbkvpI5Tq88ulCYAFyv8kEjyE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8c6018cfc3a1b774fc079df934fc2432
Files
8c6018cfc3a1b774fc079df934fc2432.exe windows:4 windows x86 arch:x86
4728e347e639728abe7aa9194a2f4cf6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm50
MethCallEngine
ord516
ord518
ord595
ord598
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ProcCallEngine
ord537
ord645
ord570
ord648
ord571
ord576
ord685
ord100
ord616
ord618
ord619
Sections
.avp Size: 9KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.avp Size: 3KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.avp Size: 440B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE