b4d8e7d22fe95b14fc79a1068fdf66f2 | Triage

Sharing

General

Target

b4d8e7d22fe95b14fc79a1068fdf66f2
Size

599KB
MD5

b4d8e7d22fe95b14fc79a1068fdf66f2
SHA1

599937e533c6570a507cd2e96f3a2bda5e72902a
SHA256

77e8465236439d398d65d41906b7173559700950c220af0c0db54d168b92b590
SHA512

ce665450871c7917cc5d578432371f79a2461f7b0010f4f4df3d2745c0fa9e7740d52bbe772c837637735cb0a2e13f9736c9249533d9d57b712fd74a10f92b24
SSDEEP

12288:SfpL7a07Au24ZxQAykcTo9K6ld2D9ccQBb6LS/riACotAViE:QPRAP4j0iIWv5WACoKQE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4d8e7d22fe95b14fc79a1068fdf66f2

Files

b4d8e7d22fe95b14fc79a1068fdf66f2
.exe windows:4 windows x86 arch:x86

59f468439c7b2f97bbfe7e2a613ba7d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord631
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord537
ord644
ord685
ord578
ord100
ord616

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ