Suspicious
Suspect

1f023326c28945f966a289d621f080e9

ZIP Archive
|
MD5: 1f023326c28945f966a289d621f080e9
|
Size: 13.3 MB
|
application/zip

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
1f023326c28945f966a289d621f080e9
Sha1
6d3d2650b0d119fbe25c3d8c822063de80e4cfd3
Sha256
f037a658f8a9340faa41f98f2ea03e91966cacf5ac61ba99c049545373e6f4a4
Sha384
eda0c492adc17a77a5fcc50094f4ce9ad9cde22472b689febcf90a7487eb869a9ceafb647700ee46961c7f6c91e58c53
Sha512
7d94405d15be43cf032fbe81eb86719c5a91a144ea29e48899e791ea0f52d7df904cfa52cb0db2188a9c5506e582fd1f52fde08ab8e83dd92fdda162159ad4a3
SSDeep
393216:T4R6risk+S6gBjXpNq59Da1Rwa2PKCMCsVBp9ISbK:T44rwN6kj/q/D4OaFV9ISG
TLSH
C0D63329D02AAA2653B681B544FAEC7D01537FD14D31F11C816BD19CA21EC9F2EEEB0D
File Structure
1f023326c28945f966a289d621f080e9
myapp
CAgent32.exe
[Authenticode]_4b1e9673.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:1033
RT_MANIFEST
ID:0001
ID:1033
MSVCP140.dll
[Authenticode]_2cb8e2be.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.didat
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
physics.yaml
Qt5Core.dll
[Authenticode]_06f13f62.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Qt5Gui.dll
[Authenticode]_d11d562d.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Qt5Network.dll
[Authenticode]_d1632272.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Qt5Widgets.dll
[Authenticode]_0c36be11.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
session_mon.xml
VCRUNTIME140.dll
[Authenticode]_91d55f39.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
vcruntime140_1.dll
[Authenticode]_132cfd07.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
VMProtectSDK64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.reloc
Artefacts
Name
 Value
URLs in VB Code - #1

file:///
URLs in VB Code - #2

http://ocsp.thawte.com0
URLs in VB Code - #3

http://crl.thawte.com/ThawteTimestampingCA.crl0
URLs in VB Code - #4

http://t2.symcb.com0
URLs in VB Code - #5

http://t1.symcb.com/ThawtePCA.crl0
URLs in VB Code - #6

http://ts-ocsp.ws.symantec.com07
URLs in VB Code - #7

http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
URLs in VB Code - #8

http://ts-crl.ws.symantec.com/tss-ca-g2.crl0
URLs in VB Code - #9

http://tl.symcb.com/tl.crl0
URLs in VB Code - #10

https://www.thawte.com/cps0/
URLs in VB Code - #11

https://www.thawte.com/repository0W
URLs in VB Code - #12

http://tl.symcb.com/tl.crt0
1f023326c28945f966a289d621f080e9 (13.3 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙