79da16d8f2c9eaa4deba79db4c0d2d28506a1bb1e6a47bbf0006221c40583037 | Triage

Sharing

General

Target

79da16d8f2c9eaa4deba79db4c0d2d28506a1bb1e6a47bbf0006221c40583037
Size

101KB
MD5

bf2d466ea3878bb14c703b66ee502d2b
SHA1

00b66d9f9def7cbc46e78674c37cc27c9979fc93
SHA256

79da16d8f2c9eaa4deba79db4c0d2d28506a1bb1e6a47bbf0006221c40583037
SHA512

239b7aa72c34eaece403a7c81b8b9e3ab380ed3b9c1d5b19ca542bab7c3f69275fc081627bd17dcb2e6665d6454ee8e162c6777612b2a31c6ad31b8549f9e41f
SSDEEP

1536:t57Oc2SYP4sXQgHQ4rLvxbgpyEijRqdwsPOhRXkrRt0yN/1JvEGW5QdqiuvOh:t5OcFEPHQ4rTypCsP4UtJp1JvhoQsy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79da16d8f2c9eaa4deba79db4c0d2d28506a1bb1e6a47bbf0006221c40583037

Files

79da16d8f2c9eaa4deba79db4c0d2d28506a1bb1e6a47bbf0006221c40583037
.dll regsvr32 windows:4 windows x86 arch:x86

5d2f5abeca268ec50902fd2ebeb9c4ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarTstGt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 82KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE