3591c1ec9ed099b7a25fb6524701cd5029c3614157ee31011cf49a39c09b5369N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3591c1ec9ed099b7a25fb6524701cd5029c3614157ee31011cf49a39c09b5369N
Size

464KB
MD5

244b977595a1fc0200a90499073eee60
SHA1

0d695f4acd6da94db52803a247dc62b47450f1f6
SHA256

3591c1ec9ed099b7a25fb6524701cd5029c3614157ee31011cf49a39c09b5369
SHA512

0ee362012099e0e6a39f00a4ef577b1b7c8ad12a16042180cbe35807c8a21089a04dc3e3fea6eceb044246de3895b599a2606dbad5438589ec7bfedf58db0536
SSDEEP

6144:/choKFg42isWMib9dPX73+DUJjPJ1EaxOqw758mV4S5PEEXSgCHYqpXuZtxORV:+b9dv7dJjPbOJ7BV4MEoSgCHLX40RV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3591c1ec9ed099b7a25fb6524701cd5029c3614157ee31011cf49a39c09b5369N

Files

3591c1ec9ed099b7a25fb6524701cd5029c3614157ee31011cf49a39c09b5369N
.exe windows:4 windows x86 arch:x86

cebec99455df8a7950134c0a94ee54f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

kernel32

GetProcAddress
CopyFileA
LoadLibraryA

msvbvm60

ord516
ord626
__vbaCopyBytes
ord669
ord593
ord595
ord598
ord631
ord632
ord525
ord527
ord529
DllFunctionCall
ord600
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord716
ord717
ProcCallEngine
ord535
ord537
ord644
ord645
ord570
ord648
ord681
ord100
ord616
ord617
ord580

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 388KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ