Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 28900c28195201a3559472230bb012b2 |
| Sha1 | f84d998ae12c8162490e7b300ee73874bd595e8d |
| Sha256 | f4fbdd1877e4ab82978a14474e0c823aa7ac8dd7bd7fa6b23ce9a20dfe47fda0 |
| Sha384 | 2f884e54d8f34e7db96a20f161214b0d5b5e3bbb622e2e74619250b7d5ab812017d0ddb8003aba7e175366fbdb8c5eb2 |
| Sha512 | 173e5ff4a846b8e64315fc2298a1a8fedc3b88a4038a97f038c23f51d7ee5ec1af089cd98e2ebdab1907a6e740708977bb7bdeacc58c3d4c8b8277a6acd318b1 |
| SSDeep | 3072:Vo/lri4GAA94d2glr1Ap87V4g6Duv6Thx9iw7xe1AqBRqNGuVfJExk:e8d6368tv60seaqBRqNGsJE+ |
| TLSH | 38F3129055201D95F048B0F2636335A5063DE6B143AFEB5E3BB3A23C3DD9AA54CEB760 |
PeID
Netopsystems FEAD Optimizer 1
Packer=UPX Compresor..Gratuito... www.upx.sourceforge.net
UPX -> www.upx.sourceforge.net
UPX 2.90 (LZMA)
UPX exe - NRV2E/7 compression (32 bit ) ASL sign
UPX v0.80 - v0.84
UPX v1.25 (Delphi) Stub
UPX v3.0
UPolyX -> delikon
File Structure
7z-stream @ 0x0000B052.7z
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
UPX0
UPX1
.rsrc
Resources
RT_DIALOG
ID:0065
ID:1033
RT_VERSION
ID:0001
ID:1033
icon1.ico
helpdesk.txt
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.SharedD
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2057
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.rdata
.data
.rsrc
Resources
RT_BITMAP
ID:008B
ID:2067
RT_ICON
ID:0002
ID:2067
RT_MENU
ID:0068
ID:1033
RT_DIALOG
ID:0065
ID:1033
ID:0066
ID:1033
ID:0083
ID:1033
ID:008C
ID:1033
ID:0092
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0A03
ID:1033
ID:0A04
ID:1033
ID:0A05
ID:1033
ID:0A06
ID:1033
RT_GROUP_CURSOR4
ID:0066
ID:2067
ID:0086
ID:2067
RT_VERSION
ID:0001
ID:1033
Overlay_4393e30f.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
UPX0
UPX1
.rsrc
Resources
RT_ICON
ID:0000
ID:7177
ID:0001
ID:2067
RT_DIALOG
ID:01F4
ID:1033
RT_STRING
ID:0001
ID:1033
ID:0005
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:7177
ID:00A4
ID:2067
RT_VERSION
ID:0001
ID:1033
Informations
| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_4393e30f.bin (123757 bytes) |
28900c28195201a3559472230bb012b2 (168.81 KB)
Characteristics
No malware configuration was found at this point.