Malicious

4d111b5dae26057e8acaa91af9cab251

PE Executable | MD5: 4d111b5dae26057e8acaa91af9cab251 | Size: 3.13 MB | application/x-dosexec


Characteristics
MD5: 4d111b5dae26057e8acaa91af9cab251
Sha1: 4de05bbe09714226eb7bc9a5813132d49b21562d
Sha256: beca148fe90dcb06dc2aedfffc5b7098453b1489f1cc6e69febb520e2e253ce4
Sha384: 36aa27abffd1fb960c6ec08bc543bf99f7bd69956a2a1bb05db9ad3f86f47788873d1b7cb6c139bf8b1ed4c2bc7cab8f
Sha512: df205c36341f4c787a12f7d2fe31385cf11886ba2848338472fbeb0eab1d7a026e1199f3a468a1258bf4125ea464e844483e35dec7be5fa71f1dffebbdd402b5
SSDeep: 49152:+omajauU2If7zkalfz6n5d7Ft2UBLQRx+Z1s:+qauU2Yo0fenLbFlQx4
TLSH: 57E53962B50669CFD48E12799067CDAB996C03BD4B2448C3EC5CF5BABE73CC117A5C28

PeID

Microsoft Visual C++ v6.0 DLL
UPolyx 0.4 -> delikon
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.rsrc
.idata
bsppfaxb
eaovzbbz
.taggant
PtKXQqfT
ZzmDXUrA
pazkyihx
WHYpppDb
UtsKXaYa
laoePUpq
BwpBPsqs
qEFkHLgf
hPNLeSic
lnXCtJGx
Resources
RT_MANIFEST
ID:0001
ID:0
Information
Info: PE Detect: PeReader OK (file layout)

Artefacts
Name
Value
LummaEncrypted@00045600 [0123456789abcdef]

????

LummaEncrypted@00045613 [0123456789ABCDEF]

????

LummaEncrypted@00045628 [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????

LummaEncrypted@00046CD8 [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????

LummaEncrypted@000475D5 [0123456789ABCDEF]

????

LummaEncrypted@00057CCA [6595b64144ccf1df]

!YG?

LummaEncrypted@0020E89B [DDDDDDDD]
