478b8cef8dbaa3b6a7e271a9eb51c0e5[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

478b8cef8dbaa3b6a7e271a9eb51c0e5.zip
Size

38KB
MD5

8e94c9a3e982d5c8149c25e91b18442d
SHA1

4068cf5cb4f2f9e159301ac7b7d75b6de9f1e4ab
SHA256

dcdf1e57db91ef14177277eea25bef28f03825cc4b26aefc30ecd4685cb6fad6
SHA512

d279096fb819b8a37152aff43990689f0da6c76b0626f9ddd8a3bff3e404bcc0e78334c025491620b5a4e4fe32624c7fc10f58de99cc0bf307c6c8d124bad05d
SSDEEP

768:Krm7XL/nHHcmCllnVu2xmpzcLJ5W28goeTQC5zK/o5q5sFwgjW6Y:KKrDnncmG4lcl5rx34o5AsKg4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9cac3d3263f7828e7dd7a4d46ee551735b9154c088d440494481dc8f2990e734

Files

478b8cef8dbaa3b6a7e271a9eb51c0e5.zip
.zip

Password: infected
9cac3d3263f7828e7dd7a4d46ee551735b9154c088d440494481dc8f2990e734
.exe windows:4 windows x86 arch:x86

Password: infected

96e57d09efd03a48c83f1349e435734e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord598
ord709
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord607
ord608
ord531
ord645
ord570
ord576
ord100
ord617
ord619
ord580

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ