1d20b6271b012a5a5376e8219a675d9f[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d20b6271b012a5a5376e8219a675d9f.zip
Size

74KB
MD5

3fc70dec061b9659258cf66994130994
SHA1

e477625f8db18da140c480a63f1a058816b4f014
SHA256

b9b8bbcdde1d21587fac926baf2752c12f87452aa3936c37e91cfd3b32f45829
SHA512

395d1d75819c18ec12fa2f1828680cc7f456cb617718cf9c2a8ab2cd62a6eb1d3ae9076a59c850703633c8e7250202b8e643f8c9b73e14e7ded6cac3b9662310
SSDEEP

1536:hT4+xelhosMra54AYgsm3qmf+Uuimed3i8FVy2iauiDCWu:hT4+OosRasGUuimA362iatW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d0702c41fb38db75bace91785d4a18a0bb06338ea994ef52ab1a023554f719a0

Files

1d20b6271b012a5a5376e8219a675d9f.zip
.zip

Password: infected
d0702c41fb38db75bace91785d4a18a0bb06338ea994ef52ab1a023554f719a0
.exe windows:4 windows x86 arch:x86

Password: infected

96e57d09efd03a48c83f1349e435734e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord598
ord709
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord607
ord608
ord531
ord645
ord570
ord576
ord100
ord617
ord619
ord580

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ