Malicious

PE Executable | MD5: 2c983e8a01b18dd7b1650e473f5daf11 | Size: 655.36 KB | application/x-dosexec

Characteristics
MD5: 2c983e8a01b18dd7b1650e473f5daf11
Sha1: 8647c770a351f7332e01ef56a6bf150300e33c34
Sha256: 525a2f6a266dcf0dd08ef95cbbeb062bb3d04ea07ebd0da0edf17b7be4ba95c0
Sha384: 6ea000b264c26b7bd8333166aae5d524c529c73de9fa3535df23b7ede26141134258af77189d204e415ba6b2158b5ea5
Sha512: 0d60629e89d4b082785ef2e995856921dd27bf738c86c4e5fa4382b039751d2a548b226539ea90e97d07631632f8ff855f05d288295424ebd919fd7d00e5b727
SSDeep: 12288:vsjCF2QZiOU+4zX7wM45QygROD22O3ZGdZD7AyyymI:vOC39Uv7V4WnROD22cqD7YI
TLSH: 49D4CF0AFA5381A1E809083714EAF77B1630AE174725CEC7EBC0FB98AC77BD16579506
PeID: Microsoft Visual C++ v6.0 DLL

File Structure
[Authenticode]_874623c1.p7b
Overlay_0fb76dc6.bin
Malicious
Structure
  DosHeader
  PE Header
  Optional Header (x86)
  Section Headers
    .X2"*
    .d>ir
    .1
    .T:O
    .b9"g9Y
    .LJn
    .'
    .rsrc
    .reloc
  Resources
    RT_ICON
      ID:0001
        ID:1033
    RT_MENU
      ID:008D
        ID:1033
      ID:0169
        ID:1033
      ID:026D
        ID:1033
      ID:0305
        ID:1033
    RT_DIALOG
      ID:004C
        ID:1033
    RT_RCDATA
      ID:0064
        ID:1033
    RT_GROUP_CURSOR4
      ID:0001
        ID:1033
    RT_VERSION
      ID:0001
        ID:1033
Informations
Info: PE Detect: PeReader OK (file layout)
Info: Authenticode present at 0x39400 size 7801 bytes
Info: Overlay extracted: Overlay_0fb76dc6.bin (413056 bytes)

Characteristics
No malware configuration was found at this point.
Artefacts
Name
Value Location