c798fe0a4cefc5d36f4d43e4e07e13c1 | Triage

Sharing

General

Target

c798fe0a4cefc5d36f4d43e4e07e13c1
Size

108KB
MD5

c798fe0a4cefc5d36f4d43e4e07e13c1
SHA1

0e18c6b7907b4a199cf57622b079b60182288560
SHA256

1d7a0e96b2f5d7becca25fb475889832a5666568824e5275fbee944033ba8e77
SHA512

8af2d7ea4e699bb6ca7811c694c1d98b0f4acb805f050d210297e2a4bd4c83c2aae2e2ec92fd7ebdfe2bb4ba3f30b61e55aad6921959b0d6c72d6cc110e51288
SSDEEP

3072:cifdElFuYmEaUiBcMuMzRIIKY+7a/0eCnu6NXs12dC:2DjmPuSyhwGu6NXi2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c798fe0a4cefc5d36f4d43e4e07e13c1

Files

c798fe0a4cefc5d36f4d43e4e07e13c1
.exe windows:4 windows x86 arch:x86

4f57d987f7764991699dd76bafd34101

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord717
ProcCallEngine
ord537
ord644
ord573
ord685
ord100
ord616
ord617
ord618

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dem
Size: 4KB - Virtual size: 4KB