df44b1fc2bab8fe47fb81d34b6c07dc0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df44b1fc2bab8fe47fb81d34b6c07dc0N.exe
Size

116KB
MD5

df44b1fc2bab8fe47fb81d34b6c07dc0
SHA1

12c3443d4d918aa3a63a37986c80e0a64d6c2661
SHA256

f26fdf53b0e59a278a6a2f16c12e79304299f8c7c2ec6157f9f5c492ca63e1dc
SHA512

d8935f4b231111cfaa303824954b7338fe9b620795cfcdf7f4cdbdc97846ba00afe66701378c77e35df78cd57d0ed2cc479b09b9f8fc8f05b53c18af83673640
SSDEEP

768:36eHIMgPRVUUC151Npquv3RnFKE7pGnbcuyD7UTTE:3Fo5U5bLpXRkPnouy8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df44b1fc2bab8fe47fb81d34b6c07dc0N.exe

Files

df44b1fc2bab8fe47fb81d34b6c07dc0N.exe
.exe windows:4 windows x86 arch:x86

3dcbc7d0ae83594aee771cb6c6621c0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

ord696
ord697
MethCallEngine
ord518
ord667
ord593
ord594
ord632
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord716
ord717
ProcCallEngine
ord537
ord644
ord681
ord100
ord616
ord619

Sections

.MPRESS1
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE