Static task
static1
Behavioral task
behavioral1
Sample
ca2f9db495ab542663ee88e463ef014b.exe
Resource
win7-20240221-en
General
Target
ca2f9db495ab542663ee88e463ef014b
Size
874KB
MD5
ca2f9db495ab542663ee88e463ef014b
SHA1
793dab1da350d59641f2cac372c738b3786493ee
SHA256
4654345d91ae0107ee916d8d9efa2b3f78cc25f65c5a0407dcf5624282065ca9
SHA512
19b108e52e65457fbeb2709d529a7169f19d43d4624d637a2a38829d27212f474aaa54ce43f301c6d6a0f97a6e50e6ef982de00cb74d7b70c13b7a94d4f58dd9
SSDEEP
24576:5LUYILf0CSW6MTlSYGGd5fhD5slAZmgNUlnhotUjAmmUT:5LWLfp6uSHG/fh+SNNUlnhQXmmUT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ca2f9db495ab542663ee88e463ef014b
Files
ca2f9db495ab542663ee88e463ef014b.exe windows:4 windows x86 arch:x86
1f816a28d9c443181404286f4e37096c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord598
ord709
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord608
ord716
ord717
ord644
ord537
ord573
ord100
ord616
ord619
Sections
.text Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.evilbin Size: 788KB - Virtual size: 788KB