4803ade9d60a947b5b44d68b4aafec2f[.]zip | Triage

Sharing

General

Target

4803ade9d60a947b5b44d68b4aafec2f.zip
Size

24KB
MD5

339e4b022e21328763e9e5aaadbb7412
SHA1

668971ac1cd2c15830eea254f587a9e1d2ece6ac
SHA256

a9913a1c7ca3ec4549e9da0b238a3bd9ea61b1430ab4266099a69096e0e4f569
SHA512

162f279585a50be2eb105776beb832a8dd1aa5748f4682950247ae2bc7acec79f2ae7af60e7e88c5b1ed4da504e38e6d725697b6f1932bbc69f12521881b479e
SSDEEP

768:2sLHK9BtN8eT88khnyxUxRnqhIQB75VGxBHqf:vzK9htqywniB7DGLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bb228ad964d5c03cbfecefba82296e6bee4bf0321fe52287ef7071f8ab0a552d

Files

4803ade9d60a947b5b44d68b4aafec2f.zip
.zip

Password: infected
bb228ad964d5c03cbfecefba82296e6bee4bf0321fe52287ef7071f8ab0a552d
.exe windows:4 windows x86 arch:x86

Password: infected

91fbd6a5954cafc0eee4021fb9a2ba07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord187
MethCallEngine
ord517
ord518
ord593
ord594
ord520
ord631
EVENT_SINK_AddRef
ord527
ord528
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord717
ProcCallEngine
ord537
ord644
ord645
ord570
ord648
ord100
ord431
ord617

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ