b644f3ad9c501bc2e9fd1c0792d65864 | Triage

Sharing

General

Target

b644f3ad9c501bc2e9fd1c0792d65864
Size

86KB
MD5

b644f3ad9c501bc2e9fd1c0792d65864
SHA1

a9166d7878f75429d2ec5b75ccd2abd9f3f4fcbf
SHA256

a992eae75383e3f1aee610326c9f2846bdbfbfb6f5c6af6f25af222b258d871e
SHA512

116cbc7cf8344f151f93c31175a0f920e17b620ffd0f239f07928c7e6946691d9386dfb61bdd8060b1b8f7dd9f64a7511a2ff5e694ed201848ca30133392c8a8
SSDEEP

1536:+AgM2gGbArNbOawFHJpZ8GFTiiQFqkKkBYxHQzVHCle8TktaymhQYAozvI+d:+AgM2gGbArtOawFHJp6GFTU2kBYxEilN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Server_al-swisre.exe

Files

b644f3ad9c501bc2e9fd1c0792d65864
.zip
Server_al-swisre.exe
.exe windows:4 windows x86 arch:x86

49fc08656f9ffcf7a0fc294258ef56bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
ord665
ord597
ord599
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord100

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ