Suspicious
Suspect

21199cefe50939b10cff8e6120dcc8db

PE Executable
|
MD5: 21199cefe50939b10cff8e6120dcc8db
|
Size: 1.83 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
21199cefe50939b10cff8e6120dcc8db
Sha1
9ddb79b0a00ee7142f9563231372a0a29c55051b
Sha256
b4fd170f2d56421678f4743cba758fb69779b4bfd0f77202dbfc760d8ed1c8e5
Sha384
2e2adca9761f082c39742b217d5b8456eaa6dbc578f52018df50c384802da905a81f225e63aaa37c4497081407fa7905
Sha512
c1ae1157fc7fbe66e8a811887622475c8b229fb4e497fd7c8318645047e0cd09bd3fb1712dd6248cf0c749c6b2eaca0dc612d8f9221d9c994000aabe56699165
SSDeep
24576:n+vWzAEeWxTD2DZuPSzHV0cCEB8w799VuiZGQdVJSqSL7BoHXsaOW:n+ez+8i8oHVkwfVbMQfJSqSL7BoN
TLSH
43855A47A8A504FFD63DA1711A726231B67335AC436267873E9F03681B6AFE07E2D311

PeID

Microsoft Visual C++ v6.0 DLL
tElock 1.0 (private) -> tE!
tElock 1.0 (private) -> tE!
x64 GO Programming Lang. Compiler v1.1x.x - sign ASL
File Structure
21199cefe50939b10cff8e6120dcc8db
[Authenticode]_43c86c85.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.idata
.pdatab
.rsrc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
RT_DIALOG
ID:0066
ID:1033
ID:0069
ID:1033
ID:006A
ID:1033
ID:006B
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:0
RT_MANIFEST
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x1B9E00 size 22648 bytes
21199cefe50939b10cff8e6120dcc8db (1.83 MB)
File Structure
21199cefe50939b10cff8e6120dcc8db
[Authenticode]_43c86c85.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.idata
.pdatab
.rsrc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
RT_DIALOG
ID:0066
ID:1033
ID:0069
ID:1033
ID:006A
ID:1033
ID:006B
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:0
RT_MANIFEST
ID:0001
ID:1033
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙