General
Structural Analysis
Config.0
Yara Rules15
Sync
Community
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 358e54bf814e5c420568c0af8cd13df9
|
| Sha1 | f3a403871eee2abf3d4150c3b0dbd878c8c80c31
|
| Sha256 | dbdab701feecc382b037b61b4268f1f796c28f3c30d77e18506cb1646bf9cb0b
|
| Sha384 | 0e60cdfde4c07e813aa9af49aaf2e6553b5aa72618804b74175f4cdef715fa1850f3a07b55eb6c1a397bdc737c778330
|
| Sha512 | 9ffefc3abf2cdc5284f89a380b5f6da45cc2f130c863d63a17f03b67d1e66ab35bf13a946f5ced506081638e4a13839615a29c22adff5d76984b9c49e4b6156c
|
| SSDeep | 24576:o93UeGL++iSWT6YKQ6VjlMsFrHa9uavXsNjXcv+QRkv8zUK5aIIVjxGwDMOZq7b:m3dg++2DIdQXsNrcv+/BKqjg4c
|
| TLSH | 6475232626F13491D4762BF448F64013AA3274602F79BBBF22D9D2D48F131D2AB31B5B
|
PeID
Microsoft Visual C++ 8.0 (DLL)
File Structure
358e54bf814e5c420568c0af8cd13df9
[Authenticode]_11fa48ad.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:003F
ID:1033
ID:004C
ID:1033
ID:004D
ID:1033
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
Nextel
RT_GROUP_CURSOR4
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:1033
Palestine.xlm
Contracts.xlm
Cg.xlm
Televisions
Guess
Assumption
Involved
Vids
Nextel
Sealed
Competitors
Charms
Coming
Camera.xlm
Card.xlm
Wto.xlm
Televisions
Guess
Assumption
Involved
Vids
Nextel
Sealed
Competitors
Charms
Coming
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Authenticode present at 0x194000 size 12144 bytes |
| Info | PDB Path: wextract.pdb |
358e54bf814e5c420568c0af8cd13df9 (1.67 MB)
File Structure
358e54bf814e5c420568c0af8cd13df9
[Authenticode]_11fa48ad.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:003F
ID:1033
ID:004C
ID:1033
ID:004D
ID:1033
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
Nextel
RT_GROUP_CURSOR4
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:1033
Palestine.xlm
Contracts.xlm
Cg.xlm
Televisions
Guess
Assumption
Involved
Vids
Nextel
Sealed
Competitors
Charms
Coming
Camera.xlm
Card.xlm
Wto.xlm
Televisions
Guess
Assumption
Involved
Vids
Nextel
Sealed
Competitors
Charms
Coming
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.