Static task: static1
Behavioral task: behavioral1
Sample: 2ee539d763dceda49a34dce8d7d6322296bc7e0d8081889c39cff23805cacb90.exe
Resource: win7-20240708-en
General
Target: 2ee539d763dceda49a34dce8d7d6322296bc7e0d8081889c39cff23805cacb90
Size: 1.5MB
MD5: 433c0ce464672310173d23e4648c0594
SHA1: bc018c6f04823a390b739a1a60169f510c7c3c5a
SHA256: 2ee539d763dceda49a34dce8d7d6322296bc7e0d8081889c39cff23805cacb90
SHA512: 97cc8a60badd57ac520ff82aa0da684223a03cd0193de8c8e5cdd52e9ece15d51a4cc9f5cdd283cc7851ac4ba9fa4af4e9f72b6dd10f4a3ea6a9da1b8130f11e
SSDEEP: 12288:rml+vOoH/uLJOyo937vGFWxwFJI+yeuVb8r+ZP712Ii+51cjVWtVj5J:Sl+vF2JOt934J7Z6bQaj1BvUm9J
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2ee539d763dceda49a34dce8d7d6322296bc7e0d8081889c39cff23805cacb90
Files
2ee539d763dceda49a34dce8d7d6322296bc7e0d8081889c39cff23805cacb90.exe windows:4 windows x86 arch:x86
8b19884c97dabf512b078107e002781d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord690
MethCallEngine
EVENT_SINK_Invoke
ord620
ord518
Zombie_GetTypeInfo
ord595
ord598
ord599
ord520
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
ord670
ord563
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord605
ord606
ord607
ord608
ord716
ord319
ProcCallEngine
ord537
ord645
ord570
ord648
ord681
ord576
ord578
ord685
ord100
ord689
ord320
ord321
ord613
ord616
ord617
ord546
Sections
.text Size: 76KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE