Static task: static1
Behavioral task: behavioral1
  Sample: efb28d0b8e5d0840cf9703d01ada57a74f5b2a270cfd093d18ca1cd578228d2f.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: efb28d0b8e5d0840cf9703d01ada57a74f5b2a270cfd093d18ca1cd578228d2f.exe
  Resource: win10v2004-20240508-en
General
Target: efb28d0b8e5d0840cf9703d01ada57a74f5b2a270cfd093d18ca1cd578228d2f
Size: 116KB
MD5: 78658bfa542a9d4a84ca34f27a298719
SHA1: 92b2efcb687890d2d346495dee5d6862a21a168e
SHA256: efb28d0b8e5d0840cf9703d01ada57a74f5b2a270cfd093d18ca1cd578228d2f
SHA512: 6c998b373b7ad93c11031d48e6757923fbcb5b6acc1b7b6a72537f0f66805119ffe642b39fbffc1d0489a9b34e0cc423f75d62e743488b775283756243f077cd
SSDEEP: 768:tpcB1g/0EYOBiMrXT0c9TPzEl4FFxTBYDtT4r0bnk9h9qsCtOScVdXatObc9HhRy:Ug/RY1CXTrrEyZ+B0rCsSsCEdKQo4N
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource efb28d0b8e5d0840cf9703d01ada57a74f5b2a270cfd093d18ca1cd578228d2f
Files
efb28d0b8e5d0840cf9703d01ada57a74f5b2a270cfd093d18ca1cd578228d2f.exe windows:4 windows x86 arch:x86
71b2641c516799792ec3a84c55c36127
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord593
ord300
ord594
ord595
ord303
ord306
ord520
ord309
ord631
ord632
EVENT_SINK_AddRef
ord560
DllFunctionCall
ord670
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord531
ProcCallEngine
ord537
ord645
ord570
ord681
ord685
ord100
ord613
ord616
ord617
ord619
ord581
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ