Malicious
1de5029faf42841f563d79f72d27c3de
PE Executable | MD5: 1de5029faf42841f563d79f72d27c3de | Size: 2 MB | application/x-dosexec
PE Executable
MD5: 1de5029faf42841f563d79f72d27c3de
Size: 2 MB
application/x-dosexec
Infection Chain
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
High
|
Hash | Hash Value |
|---|---|
| MD5 | 1de5029faf42841f563d79f72d27c3de
|
| Sha1 | 11a17eb742d6a12aee7d8c5f4b56e8f3b316dcac
|
| Sha256 | bb723217f9c2932116c9e1313d558a7baddb921886eaa3beca95f7b3c5b848b0
|
| Sha384 | 4e8194d0361a95ea55514415f8e2e29cf60c28f7b130a22f14a8f8662b332134fa7a6c602c875f9856ba84455ae4dfc6
|
| Sha512 | 97e60969b575317b5a40d6d178f391fd7d4d60665e7ea909ad00cd5d0e4598e8555c526df1aa23c4dd9863fcf9b23bdc0d02a75142f32ab3c66b896e6d820d2e
|
| SSDeep | 49152:wQEU4fGSUIP78V0kUw0LwjfQYt3ODsbm8xio/TsdtU5o7CvTPZMqDLZrt0fFKMWx:wQEU4fGSUIP7U0kUw0LwjfQYt3ODsbmi
|
| TLSH | B595C727B3967B72C1540732C296242E8755D2CE2B63FB0A3D97072E19CA7FE9C4584B
|
PeID
.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
1de5029faf42841f563d79f72d27c3de
Malicious
Overlay_c57e286d.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
WPDYcfOvB9LF6jZdF6.hKX0nKxHlCrgWAWx54
cLavndRq9pXs4K2kl5.W1DVLM9cwBkfdfNhUl
rADojViFx1Hl94fbFe.ebZeaLv0uZ7KRsgZiH
KFqQH4TVthsDUpKkjO.jxS2CWXi24HTTh3ski
cN5N8TasAnbPFdqtdr.4Od6FC3fC9uHGhCKoL
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_c57e286d.bin (3584 bytes) |
| Module Name | ClassLibrary4.dll |
| Full Name | ClassLibrary4.dll |
| Scope Name | ClassLibrary4.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | ClassLibrary4 |
| Assembly Version | 1.0.9377.29844 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 108 |
| Main Method | Not found or no body |
| Module Name | ClassLibrary4.dll |
| Full Name | ClassLibrary4.dll |
| Scope Name | ClassLibrary4.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | ClassLibrary4 |
| Assembly Version | 1.0.9377.29844 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 108 |
| Main Method | Not found or no body |
1de5029faf42841f563d79f72d27c3de (2 MB)
File Structure
1de5029faf42841f563d79f72d27c3de
Malicious
Overlay_c57e286d.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
WPDYcfOvB9LF6jZdF6.hKX0nKxHlCrgWAWx54
cLavndRq9pXs4K2kl5.W1DVLM9cwBkfdfNhUl
rADojViFx1Hl94fbFe.ebZeaLv0uZ7KRsgZiH
KFqQH4TVthsDUpKkjO.jxS2CWXi24HTTh3ski
cN5N8TasAnbPFdqtdr.4Od6FC3fC9uHGhCKoL
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.