be3aa840327e719fa8ddae8e67fc362a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be3aa840327e719fa8ddae8e67fc362a
Size

80KB
MD5

be3aa840327e719fa8ddae8e67fc362a
SHA1

0a3fbf791edbdf51da50817d7e3e5d020ecc753c
SHA256

091998431a7c1ffd37ddd53ab1f8569a9801768261f34e15db3db23ae810ccd4
SHA512

1e73d3a4d96b68ce1bd1fb8d0f8da5df3a5fe6ba034b6ba3db5c3e463f49107c9d7962638ee5bfadad810b566fb0a88b61ce0f20c55a6d03f54c3610f0d466c0
SSDEEP

1536:N8vgNaDLCz4Vjd+SsgQiuvtmIlB86reDO3z:NKgyCz5SS786reK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be3aa840327e719fa8ddae8e67fc362a

Files

be3aa840327e719fa8ddae8e67fc362a
.exe windows:4 windows x86 arch:x86

309d066bd92eba8a386979c2b4afa4ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord645
ord648
ord573
ord578
ord100
ord616
ord617
ord650

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ