Suspicious
Suspect

1f941ccbf50d80370c99acff3593cb02

PE Executable
|
MD5: 1f941ccbf50d80370c99acff3593cb02
|
Size: 158.63 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
1f941ccbf50d80370c99acff3593cb02
Sha1
6098c7053eff8e8004b108599c42ed757c926732
Sha256
012feffb86441278d04648ed0371d91e046004f01072a57b4a5a62024b22dad2
Sha384
a0c4c801e6ffa028c3eb306981be47d7838a21e467d633097a94afb0002f8797e46ae57b742b34b191ae17d9324e51fe
Sha512
04e8e56b8c57d625def58920d4a34f2292d0f94436a2a86aa918738f994456253cd58317989c2c3b571334008aa6b30f7728306dae0d9d0aba13b88636dd8171
SSDeep
3072:6wDijpS4DbYcRsuHpxVWMRyCHuq+K9kmAHOV/ZvBWu0t11X:6FGuJLWMRyrqjVuO1Wu0H
TLSH
5CF302026751C9F7C8194770453FDB38AFF69A6E91C519878341AF7ABD230838E2E2D6

PeID

Microsoft Visual C++ v6.0 DLL
File Structure
1f941ccbf50d80370c99acff3593cb02
[NSIS Installer] @ #0000C208
$PLUGINSDIR
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
CODE
DATA
BSS
.idata
.edata
.reloc
.rsrc
Resources
RT_STRING
ID:0FF9
ID:0
ID:0FFA
ID:0
ID:0FFB
ID:0
ID:0FFC
ID:0
ID:0FFD
ID:0
ID:0FFE
ID:0
ID:0FFF
ID:0
ID:1000
ID:0
RT_RCDATA
ID:0000
ID:0
[SETUP_DECOMPILED.NSI]
Overlay_c12ccc5b.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Overlay extracted: Overlay_c12ccc5b.bin (108965 bytes)
1f941ccbf50d80370c99acff3593cb02 (158.63 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙