Suspect
PE Executable
MD5: 4af1d2af508abef8bfc77dafa3b80444
Size: 5.3 MB
application/x-dosexec
Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.
AI analysis is available with Essential.
Unlock with Essential
| MD5 | 4af1d2af508abef8bfc77dafa3b80444 |
| Sha1 | 6755f01a7afcc38ab77aff560b0c905e4dc7d7df |
| Sha256 | 0fa477cedacdea2e1782414d0568b7b5e83e86ccb827710a724448e43bbf6a09 |
| Sha384 | 6896b78e42bb4e502f8ade046588a79092eedcaca0ec3e9a2ea42a0ad83c094a0ff9c28a70e62a438ba49b41ea248895 |
| Sha512 | a57b7f31312864c7f79839cb6862267a4df0d14d2c521dad8221341269fb21fcfef51ba84e21b583548de64fcbf3ea1fd4cd835f67950caf02830ec92f6c6fde |
| SSDeep | 49152:jnYnjQqMSPbcBV6hnvxJM0H9PAMEcaEau3R8:DI8qPoB0hvxWa9P593R8 |
| TLSH | 09363364632C91BCE166067084B38D38E7777C62633E871F87A4C7560E137A7BB64B26 |
PeID
Microsoft Visual C++ 6.0 DLL (Debug)Microsoft Visual C++ v6.0 DLLMicrosoft v12.00 64bit C++ DLL - sign ASL ( 64 bit ) UPolyX 0.3 -> delikon
STICH
beta
Structural Threat Infection Chain Hash
A content-independent fingerprint of the infection method: successive formats, internal objects and MITRE techniques from the initial file to each final payload.
STICH Path = the fingerprint (canonical chain with techniques)
STICH Shape = structure only
Only determinant branches produce STICH Paths.
Path
pe:dll
Shape
pe:dll
1 nodes
| Name | Value |
|---|---|
| Info | PE Detect: PeReader FAIL, AsmResolver Mapped OK |
PE Layout
UNKNWOWNsuspect
Memoryhuhuhuhuhuhuhuhuhuhuhu
Full artefact values (URLs, paths, registry keys, scripts…) are available with Essential.
Unlock with Essential