Suspicious
Suspect

258f766db4b47d01afac1b936bc68491

PE Executable
MD5: 258f766db4b47d01afac1b936bc68491
Size: 632.3 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Hash
Hash Value
MD5
258f766db4b47d01afac1b936bc68491
Sha1
07c9165974f07448891a8e040e5b23088a1300a0
Sha256
9e4b906cc1513c2c1da331ea25881ead2ba68599a9429f5af619b97816eeebfc
Sha384
b46e990d7c92b354bffb9edd7c69862ea5c6824aa6e7286ea80bd9c8186aa30251d23d5ff13d23bfe92b545f0c3817be
Sha512
ef6a87531aa245020d36d5b4a6b19752faa45c02de53c892409304cb3a6ce5a1bf08f78cc35fce5cc74264809de8612a198bc527fd811d9457b2b0e0efaa1ec6
SSDeep
12288:7L24bc/kcZzaYMif2tO1ECN6PF8ZQz0DnrYzP00ZA:7NI8+MzCNa8ZQoDnsz1A
TLSH
EDD4CFC1FC93D029C4C118F6D89DD13E852AEE9893922D01B6C6BB1995F690DDDCC1FA

PeID

Installer Nullsoft PiMP Stub v.3.0.x - A.S.L
Microsoft Visual C++ v6.0 DLL
File Structure
[NSIS Installer] @ #00035408
Unwroken.Pit
Discouraging.myn
Galvanomagnetism58.sop
Hoorah.kna
Particule.ban
amalgamationist.ref
caxiri.udm
christinas.var
dreamless.sok
endothrix.rad
fartskrivers.kim
landevejsrverne.ove
makron.pas
proceed.bil
svmmebriller.sto
trlbindende.tol
unissuant.vel
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
[SETUP_DECOMPILED.NSI]
Overlay_438f10a4.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_BITMAP
ID:006E
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:1033-preview.png
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
RT_DIALOG
ID:0068
ID:1033
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Info

Overlay extracted: Overlay_438f10a4.bin (414185 bytes)

258f766db4b47d01afac1b936bc68491 (632.3 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙