459bf525af841caeac26e8cbe19c25a857d5563859ca3c14948c41e1bc23f98e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

459bf525af841caeac26e8cbe19c25a857d5563859ca3c14948c41e1bc23f98e
Size

184KB
MD5

0345d70f154918dc34bda7d4a66fae3c
SHA1

fa802a89189c6cf8986249d9e41a99084cbe5bfb
SHA256

459bf525af841caeac26e8cbe19c25a857d5563859ca3c14948c41e1bc23f98e
SHA512

1fd7e96fd9216dd0d684a3e51ca9b2b26f3339b65654c541a04e4e8e351b6c439b793196d73068ae7c1ac56fd764428955326931934d30b864b892432054c541
SSDEEP

3072:5srOpBFDSwN1Zh/WcuiWxv4ENXjklzg+ixChnk:3WxvLNodgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
459bf525af841caeac26e8cbe19c25a857d5563859ca3c14948c41e1bc23f98e

Files

459bf525af841caeac26e8cbe19c25a857d5563859ca3c14948c41e1bc23f98e
.dll regsvr32 windows:4 windows x86 arch:x86

b6552bb76e97cb8a59afd778f3789242

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord660
ord557
ord300
ord303
ord598
ord305
ord306
ord520
ord309
ord632
ord526
EVENT_SINK_AddRef
ord528
ord561
DllFunctionCall
EVENT_SINK_Release
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord313
ord712
ord607
ord608
ProcCallEngine
ord681
ord685
ord101
ord102
ord103
ord104
ord105
ord617
ord619
ord542
ord650
ord545
ord546
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ