Suspicious

06800a0ad773925d485e7a539997ad57

PE Executable
|
MD5: 06800a0ad773925d485e7a539997ad57
|
Size: 1.16 MB
|
application/x-dosexec

Print

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	06800a0ad773925d485e7a539997ad57
Sha1	d93e3d4a4ccc1eca31c35c6a2f45c41779ae218d
Sha256	8a42c891c1d9e6e85b75a9d29a81185fab32f4cbf78a83348e2cac8e2fc3db8a
Sha384	cd08fcc08e1390d3f6f617bdcf7ca6827bbbc9743b3a3bf3219134f2b1ab045098772c4d018068b3462fdce6d9cf7274
Sha512	cc19a1afacd2190a0065af5ef57e2a84fbc172962c9448c674e4c196cc9fbc3aafcbcb308e433f95760007d3bd97045613b7ed01651530ed8371c10e2b89f5e1
SSDeep	24576:saidf+Lr/Z/lJa1c7OyS8oAsPkBoslHyXCamWK78iE0w:sHd23Bi1AyZmWK78ew
TLSH	5345CF07FA8908F3DB6B40344597962AEE36B8114796CBCF57B04E5A5E333E09E39352

PeID

Microsoft Visual C++ 7.0 - 8.0

Microsoft Visual C++ 8.0 (DLL)

Microsoft Visual C++ v6.0 DLL

Private EXE Protector V2.30-V2.3X -> SetiSoft Team

File Structure

Artefacts

Name0	Value
PDB Path	t$di
URLs in VB Code - #1	http://crl.verisign.com/tss-ca.crl0
URLs in VB Code - #2	http://ocsp.verisign.com0
URLs in VB Code - #3	http://crl.verisign.com/ThawteTimestampingCA.crl0
URLs in VB Code - #4	https://www.verisign.com/rpa
URLs in VB Code - #5	http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
URLs in VB Code - #6	https://www.verisign.com/cps0
URLs in VB Code - #7	http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
URLs in VB Code - #8	https://www.verisign.com/rpa0
URLs in VB Code - #9	http://logo.verisign.com/vslogo.gif04
URLs in VB Code - #10	http://crl.verisign.com/pca3-g5.crl04
PDB Path	c:\p4builds\Products\GoToMeeting\v5.4_builds\output\G2M_Exe.pdb
PDB Path	g2m.pdb

06800a0ad773925d485e7a539997ad57 (1.16 MB)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙