Malicious
2da10fd2dcd20e1fd62214291523d77c
PE Executable | MD5: 2da10fd2dcd20e1fd62214291523d77c | Size: 992.26 KB | application/x-dosexec
PE Executable
MD5: 2da10fd2dcd20e1fd62214291523d77c
Size: 992.26 KB
application/x-dosexec
Infection Chain
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
High
|
Hash | Hash Value |
|---|---|
| MD5 | 2da10fd2dcd20e1fd62214291523d77c
|
| Sha1 | ef635576d398ecfa831f152ff110278086dfa193
|
| Sha256 | c44829037074a72f5435241fc0b29e85dcacbd98da0f75fc1c9e1edae696d020
|
| Sha384 | ef5a1a098cb14c2cda2192fcc3be5de506bfc72af32fe9d178b9e464b5fad1c34cb952d67e5c3375088a34cc481dca5e
|
| Sha512 | 46d39142ac847a71189ee86a816a644a7a7051044aa41b591a5f572f0a49ea8017394931a6b9fdb21d80b1735a5536e6565a5531e673bba0d14df9c27ba263d4
|
| SSDeep | 12288:G2vgSHhSofXMua6oMIvq9FCkVU+oj2VVnbABOxTZF1TlqzIxSlF/02kDb:oovMuT4q9FNXp7JemSlF82Ob
|
| TLSH | 98253B00B2FBCFA3D31E5F73F0D6692447B4C939A69BF72AA542326120837528D5764E
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
2da10fd2dcd20e1fd62214291523d77c
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
GUjWa6SeQq7mm3q6av.mSMdFYGtZA3q5qCk5B
dn7gggxwS3leA5rlcF.d1O1HaHuUGjkHwL06m
sjugSgMuhf4xQlxPcV.aO5qov3FIPBDIfW9W0
qY27nbRBx6Cfk8DWBZ.YDwni5w7cCFAbE4fNE
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Tzxlpq.dll |
| Full Name | Tzxlpq.dll |
| Scope Name | Tzxlpq.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Tzxlpq |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 69 |
| Main Method | Not found or no body |
| Module Name | Tzxlpq.dll |
| Full Name | Tzxlpq.dll |
| Scope Name | Tzxlpq.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Tzxlpq |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 69 |
| Main Method | Not found or no body |
2da10fd2dcd20e1fd62214291523d77c (992.26 KB)
File Structure
2da10fd2dcd20e1fd62214291523d77c
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
GUjWa6SeQq7mm3q6av.mSMdFYGtZA3q5qCk5B
dn7gggxwS3leA5rlcF.d1O1HaHuUGjkHwL06m
sjugSgMuhf4xQlxPcV.aO5qov3FIPBDIfW9W0
qY27nbRBx6Cfk8DWBZ.YDwni5w7cCFAbE4fNE
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.