General
Structural Analysis
Config.0
Yara Rules99+
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 0d7a121518a885586f707de34d275ecf
|
| Sha1 | 1782443a605b041bc405b631af43c28e97fa2555
|
| Sha256 | da0732b540cf55107d03e09ffcf0d6c57a733c01a9ccac2c0fcd7ec2cf24f12d
|
| Sha384 | 163d47131337b9c27ce6194fdc7d2451ab716db073c7afbbf5578f351c0c0322259a068c982bd7a030213564bd6a085a
|
| Sha512 | 8451a4e50365dc03a33e9921451bc1c33bd134915728329c440fc7c6b30387710d7d3d8b3f0f3fc63216afe5a9714c5546aa822edfa8ffe05c218c77cd11b2c3
|
| SSDeep | 49152:IBJv52jQhi2xhfXEVAV1Hf5YWL4OC1Qy7qD9:yp22xhfXQAV15Yi4OUqD9
|
| TLSH | 30A5CF1676924E73C271173546AB523D42A4D7223623EF4F3A1F2086AD0BBF19B761B3
|
PeID
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
VC8 -> Microsoft Corporation
File Structure
0d7a121518a885586f707de34d275ecf
Malicious
Overlay_b41804d8.bin
Malicious
hypermonitorNet.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
NCM7KoqNlLnabCB0xU.hG5NAdfxQ9me71NP4L
aE7qj9Pi1uWKTpNng6.gjNd4XFjvXuu2Z8FUC
8wYO4uIsYVED3biQ4Z.CyYXJNSVD57rikDVoq
D8i9OSHrgvjGTwGypJ.KxBY4P8Kra4K77xWud
Ic1fGERh1sA4AoRklD.wYgOAkD3nR5NrCkfP0
TyuV5xxXP7RvURwTvu.AWFgRXc0UiLHafsTvi
AXDKbhllRWg7uh7gUGloBOOsmk2vDvDtIBNCng7Pn5MdYwjMF.bat
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
0d7a121518a885586f707de34d275ecf.decoded.vbs
Malicious
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_b41804d8.bin (1919734 bytes) |
| Info | PDB Path: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb |
0d7a121518a885586f707de34d275ecf (2.24 MB)
File Structure
0d7a121518a885586f707de34d275ecf
Malicious
Overlay_b41804d8.bin
Malicious
hypermonitorNet.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
NCM7KoqNlLnabCB0xU.hG5NAdfxQ9me71NP4L
aE7qj9Pi1uWKTpNng6.gjNd4XFjvXuu2Z8FUC
8wYO4uIsYVED3biQ4Z.CyYXJNSVD57rikDVoq
D8i9OSHrgvjGTwGypJ.KxBY4P8Kra4K77xWud
Ic1fGERh1sA4AoRklD.wYgOAkD3nR5NrCkfP0
TyuV5xxXP7RvURwTvu.AWFgRXc0UiLHafsTvi
AXDKbhllRWg7uh7gUGloBOOsmk2vDvDtIBNCng7Pn5MdYwjMF.bat
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
0d7a121518a885586f707de34d275ecf.decoded.vbs
Malicious
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.