c67deb3de2c77e2d577fe9dc501ff2cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c67deb3de2c77e2d577fe9dc501ff2cd
Size

396KB
MD5

c67deb3de2c77e2d577fe9dc501ff2cd
SHA1

487f0dadc9e12d9e0d613edd1011f7b156ce18ee
SHA256

3a7db6ff4d7fd3542db0020167334c78841a1f048ec20876ac59f3c9279c7610
SHA512

80ff813a6a28704cb358895d5da259fb037d713ea5c78b2cc737dc9cef8d68e8113b167f7b8e68816137d2a0e20ae89317367e545e81fe7e01f0fd79e7158a3a
SSDEEP

6144:kbvXrxRlsPGT8143tmUlVziQ5CSMiU6nyn67w+g:kTbMTiUuhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c67deb3de2c77e2d577fe9dc501ff2cd

Files

c67deb3de2c77e2d577fe9dc501ff2cd
.exe windows:4 windows x86 arch:x86

6dc3acbf38579f7f9494b214f2cce9dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord517
ord519
ord662
ord593
ord594
ord595
ord598
ord520
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord714
ord607
ord608
ord717
ProcCallEngine
ord535
ord537
ord647
ord572
ord573
ord681
ord100
ord612
ord613
ord614
ord616
ord617
ord619
ord546
ord581

Sections

.text
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ