Malicious

4f5e638e302bfeae89b1293da04557e0

PE Executable | MD5: 4f5e638e302bfeae89b1293da04557e0 | Size: 3.19 MB | application/x-dosexec

Characteristics
Hash | Hash Value
MD5 | 4f5e638e302bfeae89b1293da04557e0
Sha1 | 9a4ae45b3ba19e367563d9a20117f51d226c8e28
Sha256 | 65cf85118c69198cdd7c9f6b7bdb58bb8f1ed9cc09834dd687c0e70bf53c8723
Sha384 | 68c5c3d400734d324c0d9e258575f21ef6371185d31af2dc9406edea0b756842d8cb9125f8d4d1cce2daf8f11d045eae
Sha512 | 843a0ea4e3c9ac4117a6541b69a2b8011e2ffddcd6a768e90ba782f9c9f37330fbc07a35b8b749e662312a928dd890ed4f2aa34f97f8203490eb1bb8408edfbe
SSDeep | 49152:GAdB7X+BKQGguHAqm1zQZBi1YeeiXhXjuoZQ:GAP7X+QQGgaAGByRj
TLSH | 59E53AA2B546E2CFD49B1BB48427DD97691D03F94F1148D3DCA8A47A7EA3CC112F9C28

PeID

Microsoft Visual C++ v6.0 DLL
UPolyx 0.4 -> delikon
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.rsrc
.idata
bwmlijum
stipktic
.taggant
qkbQLAEC
DWMzJcOC
jYrmGdtr
snxjFQat
iIARpouL
sqFNhAlS
zLrFSFJz
DEkcJQDL
mvuVLcnd
QLqYYzxw
Resources
RT_MANIFEST
ID:0001
ID:0
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Artefacts
Name
Value
LummaEncrypted@0004E6A2 [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????

LummaEncrypted@0004FF39 [000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF]

  $$$$((((,,,,000044448888<<<<@@@@DDDDHHHHLLLLPPPPTTTTXXXX\\\\````ddddhhhhllllppppttttxxxx||||????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

LummaEncrypted@000501E0 [0123456789ABCDEF]

????

LummaEncrypted@00050208 [be93e12af7f15c330196b5d3fd64e275e60fcae203]

Ib??T?C?_X?+??

LummaEncrypted@0005EC63 [6595b64144ccf1df]

!YG?

LummaEncrypted@002226BD [DDDDDDDD]

LummaEncrypted@003077DF [6595b64144ccf1df]

!YG?

Characteristics
No malware configuration was found at this point.