b4681b9f87befb87a8b19e85e963894d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4681b9f87befb87a8b19e85e963894d
Size

171KB
MD5

b4681b9f87befb87a8b19e85e963894d
SHA1

c011d87feb3fcdde6b4d01eaddc059c2f6a2214b
SHA256

acbe7cc09f2b0df2ee9dc51891ab766980059647fba179a3740f7a114bd5dc0a
SHA512

9196d3c75fed6161dcb49f5b049601043981335668288c9783fe1fc0cce7e557b08e791b33309f7b4ddda386ca5e11bd7448f413b89d2dd87a8c9fb4897230d8
SSDEEP

3072:YsJ4cP/+v09ALvBM3cf/jFnFS7W50D7NeSZFfwtPOVMbfeiRmA+AtBrNTxk1J2KC:YsycuMAZM3cfBFwWee0wcVMb2ujt95xr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4681b9f87befb87a8b19e85e963894d

Files

b4681b9f87befb87a8b19e85e963894d
.exe windows:4 windows x86 arch:x86

d1a0a39215304aeb5396819efb3dcd84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaCopyBytes

Sections

.text
Size: 163KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE