ad4fa45459b19977f5c7d97d718d068f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad4fa45459b19977f5c7d97d718d068f
Size

44KB
MD5

ad4fa45459b19977f5c7d97d718d068f
SHA1

0db4f98fd904641dd363b3867fb6021574a73cab
SHA256

cb71522761352ae68db1509b7bf5ab178b17d6a04c6ef50a919e0afb9715c0df
SHA512

13ab4ebcbd98e82e64d600ce4d973a3f83fd90f9bedeee2c640b310bfe6ebc0e60cec8038683120c92bc0ea2722afa20f73e3169c7b3d03ee363eb971e0850bd
SSDEEP

768:0cQc1g+E8AnZvkgLc+dZrf7HuBUyse3vifICUGVjzBb/:0OgLbnZLfjDjuqxQtez9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad4fa45459b19977f5c7d97d718d068f

Files

ad4fa45459b19977f5c7d97d718d068f
.exe windows:4 windows x86 arch:x86

c058b1934289658c3c15d3ac19fb5deb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord519
ord595
ord598
ord631
DllFunctionCall
ord563
ord601
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord536
ord644
ord537
ord572
ord100
ord581

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ