bd0bdd6589b0d244ca6167da4fc889b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd0bdd6589b0d244ca6167da4fc889b0
Size

104KB
MD5

bd0bdd6589b0d244ca6167da4fc889b0
SHA1

47e8a4eadbc4e9504413a882c1e255759b3c472b
SHA256

e82735c53579068ade772e90bf20130102a22181124f3f1a831f060ebb67aef2
SHA512

298a761e8b258d311fc226ef88232bf128ede127788a271007b1b5fdd7f31504ed06d771c2a6c9b6c377178ad6c4f75d0e96122d2f81a30b1687e7295f93c3b5
SSDEEP

3072:JZnaj31E+E4QJvtjMRQHKYkYLH02sN9+7Nz18A:JZaj31El4QvjMRQqYHLnW9UNz3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd0bdd6589b0d244ca6167da4fc889b0

Files

bd0bdd6589b0d244ca6167da4fc889b0
.exe windows:4 windows x86 arch:x86

3357376d2e8aa399485e5d9e5db8a13d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
ord583
ord584
ord516
ord660
ord593
ord520
ord632
DllFunctionCall
ord601
__vbaExceptHandler
ord606
ord608
ord716
ProcCallEngine
ord535
ord644
ord572
ord573
ord575
ord100
ord617
ord546
ord581

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE