Suspect
104a4f8c67f6ac569fadd6d259f7f03b
PE Executable | MD5: 104a4f8c67f6ac569fadd6d259f7f03b | Size: 2.11 MB | application/x-dosexec
Characteristics
PeID
MASM/TASM - sig4 (h)
Microsoft Visual C++ 8.0 (DLL)
Microsoft Visual C++ v6.0 DLL
File Structure
104a4f8c67f6ac569fadd6d259f7f03b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.fptable
.rsrc
.reloc
Resources
CAFFEE_CONFIG
ID:007B
ID:0
RT_MANIFEST
ID:0001
ID:1033
Information
| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: t$di |
Artefacts
| Name | Value |
|---|---|
| URLs in VB Code - #1 | https://www.google.com |
| URLs in VB Code - #2 | https://www.microsoft.com |
| URLs in VB Code - #3 | https://www.cloudflare.com |
| URLs in VB Code - #4 | https://www.amyuni.com/downloads/usbmmidd_v2.zip |
| URLs in VB Code - #5 | http://ip-api.com/line/?fields=countryCode |
| URLs in VB Code - #6 | http://schemas.microsoft.com/windows/2004/02/mit/task |
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | https://www.google.com | 104a4f8c67f6ac569fadd6d259f7f03b |
| URLs in VB Code - #2 | https://www.microsoft.com | 104a4f8c67f6ac569fadd6d259f7f03b |
| URLs in VB Code - #3 | https://www.cloudflare.com | 104a4f8c67f6ac569fadd6d259f7f03b |
| URLs in VB Code - #4 | https://www.amyuni.com/downloads/usbmmidd_v2.zip | 104a4f8c67f6ac569fadd6d259f7f03b |
| URLs in VB Code - #5 | http://ip-api.com/line/?fields=countryCode | 104a4f8c67f6ac569fadd6d259f7f03b |
| URLs in VB Code - #6 | http://schemas.microsoft.com/windows/2004/02/mit/task | 104a4f8c67f6ac569fadd6d259f7f03b |