General
Structural Analysis
Config.0
Yara Rules99+
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 0dfc61a83241ea7f8e72053218a1a0ce
|
| Sha1 | 39b3a4ed53fc026dd99958f79a06c4a439560ae5
|
| Sha256 | bca5ffb9737d1a5153b454a1ad91c91340c7176b31ef102f7958042818e031fa
|
| Sha384 | 37b5096a1ea929e662fd1550596d31cddac4ec5d02d538a174aa61ebf5292c7cfab87398af945b7f434272deb9d469e8
|
| Sha512 | 1835557fc12126143491ad2a42af76343bd5f7a3e550ed528d4c9072864b37bf0ec7d7f2c748c6e787264b5391fda2eb392b877deff89dba771d55422fde621e
|
| SSDeep | 49152:IBJR7UrN26CONObhPCE/sRAJAXyKgJnokp:yj7UTC5bh7/DWyfoI
|
| TLSH | 2EA5BE0A65924FB7C26157318567013D42A9DA353E61EF4B7A4F20E2A803BF5CA723F7
|
PeID
HQR data file
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
VC8 -> Microsoft Corporation
File Structure
0dfc61a83241ea7f8e72053218a1a0ce
Malicious
Overlay_f5513d0a.bin
Malicious
bridgehyperCom.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ZH5TYH16RUW6cxPc3y.lNbEjIbxd2hPdPDCnQ
ZSDYUrTmdLZ3lwECve.FINFlmhkCObo6475jS
QwhYjUuQjDEveWvaVc.hJTqI3W9YRdj6FSCBZ
A4B5JSKybesHk3x4T5.DruEoCNfq4pspFIXV0
NbOl0FDtHBY4ZT2YOQ.HSykFbd8KTKrmpUQBM
HkiCr1wQ9ZM42rRtQL.pqnTafcElJpYiisHId
X2c.bat
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
0dfc61a83241ea7f8e72053218a1a0ce.decoded.vbs
Malicious
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_f5513d0a.bin (1918100 bytes) |
| Info | PDB Path: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb |
0dfc61a83241ea7f8e72053218a1a0ce (2.24 MB)
File Structure
0dfc61a83241ea7f8e72053218a1a0ce
Malicious
Overlay_f5513d0a.bin
Malicious
bridgehyperCom.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ZH5TYH16RUW6cxPc3y.lNbEjIbxd2hPdPDCnQ
ZSDYUrTmdLZ3lwECve.FINFlmhkCObo6475jS
QwhYjUuQjDEveWvaVc.hJTqI3W9YRdj6FSCBZ
A4B5JSKybesHk3x4T5.DruEoCNfq4pspFIXV0
NbOl0FDtHBY4ZT2YOQ.HSykFbd8KTKrmpUQBM
HkiCr1wQ9ZM42rRtQL.pqnTafcElJpYiisHId
X2c.bat
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
0dfc61a83241ea7f8e72053218a1a0ce.decoded.vbs
Malicious
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.