193785326689e582715b3ec1166e4ff9df8a573d072f3696f9cc922c68409ed3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

193785326689e582715b3ec1166e4ff9df8a573d072f3696f9cc922c68409ed3
Size

124KB
MD5

11c68663cec08998f5674cbd6d07224e
SHA1

d2b66e8624c93aca6daf37453567565e9259784d
SHA256

193785326689e582715b3ec1166e4ff9df8a573d072f3696f9cc922c68409ed3
SHA512

32ed59c2283b025d9cc1b110e8c4273b12a1297101f5b7ea6cf6abe37594bb9722ee621cc3337f2d16ece03f15900d114abb8b5596bcd658152beef4c389c024
SSDEEP

384:VR0b3Jl1aj+k3g9mx3EJAtVWu5R0b3Jl1aa7dH9TsB9TsBDURPVcAOYnce/7SQXl:zb+l92/PCpjURPWAO6ce/7Sb4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193785326689e582715b3ec1166e4ff9df8a573d072f3696f9cc922c68409ed3

Files

193785326689e582715b3ec1166e4ff9df8a573d072f3696f9cc922c68409ed3
.exe windows:4 windows x86 arch:x86

45df160a76b21aad5083c9beccbc69be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord620
ord519
ord554
ord595
ord596
ord709
ord525
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord716
ProcCallEngine
ord537
ord645
ord570
ord648
ord685
ord100
ord612
ord616
ord617
ord618
ord619
ord651
ord581

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE