8d5b115d530209440650f593f7ce5d12 | Triage

Sharing

General

Target

8d5b115d530209440650f593f7ce5d12
Size

264KB
MD5

8d5b115d530209440650f593f7ce5d12
SHA1

099f9e7590401c8093e1572c461cb5c1e861928c
SHA256

9a753c6ca75706fbc9574708b89159ad6547075fd2ade08036f23290748e7c75
SHA512

d6d34a328955b15939e9e8086d6b570bccfa5f39fdfaeeb5a9e767f8f4309384d346831432139ffc0b1b1c11986294f7743dd493b08c89859d0215ac7e3e8738
SSDEEP

3072:RIdcFLEdskgrt05bnwhVh6PTP/FbaZkV:aWjZ0xCVh6rV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d5b115d530209440650f593f7ce5d12

Files

8d5b115d530209440650f593f7ce5d12
.exe windows:4 windows x86 arch:x86

fc39d6bcccc6aed12cc7b3f6f5003c3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord100
ord617
ord581

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE