7d4db2107bacdab4781985af399be6d7b7afc724fab54a0f7cb06cf159f48fa1 | Triage

Sharing

General

Target

7d4db2107bacdab4781985af399be6d7b7afc724fab54a0f7cb06cf159f48fa1
Size

152KB
MD5

883810b22eb89c65e779c1ef0f3c7177
SHA1

a3c9def4a13fb50fc257bd3cd8eded94d95e4e33
SHA256

7d4db2107bacdab4781985af399be6d7b7afc724fab54a0f7cb06cf159f48fa1
SHA512

45d9abf1fd47587a8ff6117cdbf936c614ac938aa5c185b5005dda25011c82538ef8e12c227f5e0a3897d78eb68214b81d9156d02c0184eb43ba59615fc9a19f
SSDEEP

3072:/TJRpmPXfjL3dznTd0OU8gB3yvR5+C5mJesZcBwjQLF:/TnUPXfjL3dznTd0OU8gB3y3mJesZcBP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d4db2107bacdab4781985af399be6d7b7afc724fab54a0f7cb06cf159f48fa1

Files

7d4db2107bacdab4781985af399be6d7b7afc724fab54a0f7cb06cf159f48fa1
.dll regsvr32 windows:4 windows x86 arch:x86

e51fa8c8366322aea1fdda2dd0201fe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord518
ord660
ord553
ord591
ord300
ord303
ord598
ord305
ord306
ord520
ord309
ord632
ord526
EVENT_SINK_AddRef
ord528
ord561
EVENT_SINK_Release
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord313
ord712
ord607
ord608
ord716
ProcCallEngine
ord685
ord101
ord102
ord103
ord104
ord610
ord105
ord617
ord619
ord650
ord545
ord546
ord656
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ