-ú+ÚÁ¸-È[.]EXE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

-ú+ÚÁ¸-È.EXE
Size

148KB
MD5

acb2f1b9cf9a1541e294b043f4ff2f4d
SHA1

012847f80a0dae3f9e93989ccacdfe5ad97ff2ba
SHA256

7bb870a550804e944788b2f552083b14aa0f31ced7454fabe441fcc1d51cd09d
SHA512

b3f3b3138e2ba3fa65d5877b28a9e1e1948dd7582bf0e4ecb2b294d8f97d429242b443c2a6d1a127ce8bab1d556840f48c0341797a4b36edba5c316c6f5bc4cf
SSDEEP

1536:o+vNKj35vH/KI0gIRRlGHrFwdv/EHQzcvZbcfoHYDtcWZlP3dJ5Fs9AzvNDicu2E:g5BDmcZo51JPRzvN4LRhO/e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
-ú+ÚÁ¸-È.EXE

Files

-ú+ÚÁ¸-È.EXE
.exe windows:4 windows x86 arch:x86

6592f664210a7f055758b44d63eb6d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord519
ord660
ord593
ord595
ord596
ord598
ord520
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord537
ord572
ord573
ord685
ord100
ord613
ord617
ord619
ord650
ord651
ord546
ord581

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ