a6b7793872afa6e829d3c2e4731a077b9a0b8d5cc3863828849426364bc99348N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6b7793872afa6e829d3c2e4731a077b9a0b8d5cc3863828849426364bc99348N
Size

88KB
MD5

29694cd0dcd20d869c417c6aeb3f0230
SHA1

cb55b4e77a43f068dbeaf1e23072df6dd1c40caa
SHA256

a6b7793872afa6e829d3c2e4731a077b9a0b8d5cc3863828849426364bc99348
SHA512

8b7343b81f0ea8f7a20290d803eb5e7aa3b87c10e1c61f46252f014f9cae97e0cfc423ede1da4d48c573f29967dad88592cc3bca2f56f3511cec0c5644c24ee3
SSDEEP

1536:0w9HImH2tHS5cUp4MuGJDEqTA1rpBSoGVxJopNh6vjNf7fjkVE0:HJlAH+cUGZaFANXSoGtKh2Jf7fZ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6b7793872afa6e829d3c2e4731a077b9a0b8d5cc3863828849426364bc99348N

Files

a6b7793872afa6e829d3c2e4731a077b9a0b8d5cc3863828849426364bc99348N
.exe windows:4 windows x86 arch:x86

101690ae850941642744d6760d1c08d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZInit

kernel32

MulDiv

msvbvm60

ord183
ord583
MethCallEngine
ord592
ord702
ord524
EVENT_SINK_AddRef
ord670
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord717
ProcCallEngine
ord644
ord570
ord575
ord100
ord432

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ