Static task: static1
Behavioral task: behavioral1
Sample: 870b37e02431b79bfe5debcb2a6f27f67a255a96b5ce0b7cf270720cb0f7a3cf.exe
Resource: win7-20240508-en
General
Target: 870b37e02431b79bfe5debcb2a6f27f67a255a96b5ce0b7cf270720cb0f7a3cf
Size: 4.4MB
MD5: 93bf1a918b8ea7bfd4d53f7f54de6282
SHA1: b8aea380163f1a82bee3b41d1042261c06f70e04
SHA256: 870b37e02431b79bfe5debcb2a6f27f67a255a96b5ce0b7cf270720cb0f7a3cf
SHA512: ecfae311b2782766deabba0828e962e3211b2b355797a23568f51b500af0365f488afd2a69a0b915dd03129551bc527c047d183286cb337fdcffa9d0d8996066
SSDEEP: 1536:MNyqVAb8dnlAUTFTgKDzRDVE4jt5HMCceGzcfdRTgYtSp1C7Sqbz67:sZVAIBlAUJTznR7qCVGzcf7g2Sq67
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 870b37e02431b79bfe5debcb2a6f27f67a255a96b5ce0b7cf270720cb0f7a3cf
Files
870b37e02431b79bfe5debcb2a6f27f67a255a96b5ce0b7cf270720cb0f7a3cf.exe windows:4 windows x86 arch:x86
069eb3fc354cd9eba6c301430501d998
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord690
MethCallEngine
ord517
ord553
ord669
ord593
ord594
ord595
ord599
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord609
ProcCallEngine
ord571
ord576
ord100
ord689
ord612
ord616
ord617
ord619
ord542
ord545
ord546
ord580
Sections
.text Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE