8f43aec394ba90ae00b543378e8efbbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f43aec394ba90ae00b543378e8efbbc
Size

20KB
MD5

8f43aec394ba90ae00b543378e8efbbc
SHA1

60c5181e60d3bfd99b76fed0c53a03c938284036
SHA256

bdec8d066a1531c7037ac15669970e08a2b4dff450a3d787117a02ccf0ff9576
SHA512

3a58a24828341b319d7419658a3a968c81f708aac3e370c385a01fdf1210effa938092181d7ce09eeaf8947777c8c05625b1ed3c10af77273c8d97ce2e58943c
SSDEEP

192:C1W2+gTWvGfG3CYwJygPfgCMiTwlbMEN8LMAsT93YOUdc0XFX:+W4xfICWggAU+MAsT93YOUC0XFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f43aec394ba90ae00b543378e8efbbc

Files

8f43aec394ba90ae00b543378e8efbbc
.exe windows:4 windows x86 arch:x86

1187cf66ca7ab6c400a300f74464c9c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord693
MethCallEngine
ord516
ord709
ord525
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord714
ord717
ProcCallEngine
ord644
ord100
ord689
ord610
ord616
ord617

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ