Suspicious
Suspect

37e1d0b9f568a2c6e17092c684425476

PE Executable | MD5: 37e1d0b9f568a2c6e17092c684425476 | Size: 9.64 MB | application/x-dosexec


Characteristics
MD5: 37e1d0b9f568a2c6e17092c684425476
Sha1: fc3e63ba1d5fd17a769e9252f8f5eabe581b1df5
Sha256: 5bc74e1ce5b9719d313c4327577afa68f20dd37bc3fc4acdae70b179f2d34679
Sha384: 8423930d03272d991426bcb226cdea7b2eec35e8700b86c881d4a0553a0d75a96dfc58c09fbf8f09283ab5738974d44f
Sha512: 21f0d13818ef213abe6931ee638d93c87d9aaec421353c250bc80223f3406f49d142e3fec9a111a14cc7c9dcb2003c9b804f5ca9ae80e05651861bf15e03bc83
SSDeep: 98304:0IYJlrC/ikojJw5SSQj8+cdaEA2b3Odj/vhZqkneH1YjS17yl21py:0I2MiVJw5Qkj3Qj/vhZveH1CSlyl26
TLSH: 0AA68E03EC9515E9C2E9A63189B79253BA717C451B3263D72BA0F3382F73BD06AB5710

PeID

HQR data file
Microsoft Visual C++ v6.0 DLL
Private EXE Protector V2.30-V2.3X -> SetiSoft Team
UPolyX 0.3 -> delikon
tElock 1.0 (private) -> tE!
tElock 1.0 (private) -> tE!
File Structure
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.xdata
.idata
.reloc
.symtab
Information
Info: PE Detect: PeReader OK (file layout)

Artefacts
URLs in VB Code - #1: http://chunkedCreatedIM
URLs in VB Code - #2: www.dword:00000001dword:00000000dword:00000002OpenSCManagerWModule32FirstWunreachable
URLs in VB Code - #3: https://api.ipify.orgDisableIOAVProtectionPromptOnSecureDesktopbad
URLs in VB Code - #4: https://go.dev/issue/66821
URLs in VB Code - #5: https://go.dev/pkg/crypto/rsa#hdr-Minimum_key_size
