02f3b0138b25c2685ee51eeca3368969d0936aba5a22982fc6c7e7ed54a82399 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02f3b0138b25c2685ee51eeca3368969d0936aba5a22982fc6c7e7ed54a82399
Size

92KB
MD5

fe53e804f0b0648b4b6e699eb480800a
SHA1

e3ccccb61c821b396adbb931d2b19397fd96c01a
SHA256

02f3b0138b25c2685ee51eeca3368969d0936aba5a22982fc6c7e7ed54a82399
SHA512

e88865081fcdb25a28f605f8caab8a9fb5daae70d0666b9a17318fdc61caa5a45bd3e88f21e0e456b38a357ac2696708bf8532ced73842524d396bca22163db3
SSDEEP

1536:TI3IODS4TUdnug8xlY3aS1cYMl7gZC7gGIikj2BlN:UFDS45TsaqcYLC01ikj2Bl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f3b0138b25c2685ee51eeca3368969d0936aba5a22982fc6c7e7ed54a82399

Files

02f3b0138b25c2685ee51eeca3368969d0936aba5a22982fc6c7e7ed54a82399
.dll regsvr32 windows:4 windows x86 arch:x86

f7280abe2d2724bdb14b86b1a4d909bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CreateStreamOnHGlobal

kernel32

RtlMoveMemory

msvbvm60

MethCallEngine
ord518
ord660
ord553
ord557
ord591
ord592
ord593
ord594
ord595
ord598
ord520
ord631
ord632
EVENT_SINK_AddRef
ord528
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord607
ord608
ord531
ProcCallEngine
ord644
ord645
ord573
ord681
ord576
ord578
ord685
ord101
ord102
ord103
ord104
ord105
ord617
ord619
ord542
ord543
ord544
ord545
ord546
ord547
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ