Malicious

509e24b5c3cf7e8309e9a3ede717ebcf

PE Executable | MD5: 509e24b5c3cf7e8309e9a3ede717ebcf | Size: 458.75 KB | application/x-dosexec

Characteristics
Hash: Hash Value
MD5: 509e24b5c3cf7e8309e9a3ede717ebcf
Sha1: 0cd853afa596176416839edd4b739af98aa6f7ad
Sha256: c795c63e16fd180a30d904386dc4b9c3b210d699444a0aa78f4b795e96286fb0
Sha384: da151b76cc820cc369adaeea9ffb29c1142a6b9edfbf6600201820a1e04b858ecc3b94a4af9f9b8d84c3f4692a520503
Sha512: d61172b4c35339863d5ed6e516bcdaa5ff1c93e00aaf2e2dda3ef5661d926242a27a8fea02a2465468ac3d9264cff02ba86b83d84d3c7202cef5769e7fcdb008
SSDeep: 6144:hD8okEvTyoZVOgd2QZiw5NLclL5orfQHCigulUqa1M+9klvLcWUiYdiGs/ROvwX/:psjCF2QZiOU+4zX7wM45QygROD2t
TLSH: 44A4F146FB039174D8590A3308AAB7762730AD064B01DFDBE580F75D7C777C2BA2A968

PeID: Microsoft Visual C++ v6.0 DLL
File Structure
[Authenticode]_874623c1.p7b
Overlay_e4fcfc8c.bin
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.X2"*
.d>ir
.1
.T:O
.b9"g9Y
.LJn
.'
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
RT_MENU
ID:008D
ID:1033
ID:0169
ID:1033
ID:026D
ID:1033
ID:0305
ID:1033
RT_DIALOG
ID:004C
ID:1033
RT_RCDATA
ID:0064
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
Information
Name: Value
Info: PE Detect: PeReader OK (file layout)
Info: Authenticode present at 0x39400 size 7801 bytes
Info: Overlay extracted: Overlay_e4fcfc8c.bin (216448 bytes)

Artefacts
Name
Value
LummaEncrypted@00039526 [070615000000]



LummaEncrypted@00039535 [120614235959]

K_

LummaEncrypted@000398DD [031204000000]



LummaEncrypted@000398EC [131203235959]

JK

LummaEncrypted@00039C78 [040716000000]



LummaEncrypted@00039C87 [140715235959]

M^

LummaEncrypted@0003A191 [090211000000]



LummaEncrypted@0003A1A0 [120211235959]

K[

LummaEncrypted@0003A892 [090213104341]

JC

LummaEncrypted@000404B6 [2DF8D04C]

LummaEncrypted@00040DC5 [00000000]

LummaEncrypted@00040DDD [000000000000]

LummaEncrypted@00041205 [00000000]

LummaEncrypted@00041268 [8D8F21B62347274727422C422C]

????? ??

LummaEncrypted@0004128A [1A18B6495E665E66A19A5F663902363B9B9748CDA72598CF02BBF20C3D372E810F1D404791]

D~?/???/#?r?????=.??DE'/????

LummaEncrypted@000412DB [A7A50BDC15E4A3E5A3E5A3]

?A?9@?

LummaEncrypted@0004130E [00000001]

LummaEncrypted@00041318 [3832D640]

LummaEncrypted@00041330 [00A0C911005A]

LummaEncrypted@00041344 [00000000]

LummaEncrypted@00005236 [2DF8D04C]

LummaEncrypted@00005B45 [00000000]

LummaEncrypted@00005B5D [000000000000]

LummaEncrypted@00005F85 [00000000]

LummaEncrypted@00005FE8 [8D8F21B62347274727422C422C]

????? ??

LummaEncrypted@0000600A [1A18B6495E665E66A19A5F663902363B9B9748CDA72598CF02BBF20C3D372E810F1D404791]

D~?/???/#?r?????=.??DE'/????

LummaEncrypted@0000605B [A7A50BDC15E4A3E5A3E5A3]

?A?9@?

LummaEncrypted@0000608E [00000001]

LummaEncrypted@00006098 [3832D640]

LummaEncrypted@000060B0 [00A0C911005A]

LummaEncrypted@000060C4 [00000000]

Characteristics
No malware configuration was found at this point.
Artefact locations
Each artefact listed under Artefacts above is flagged Malicious.
Location of the 20 artefacts from LummaEncrypted@00039526 through LummaEncrypted@00041344: 509e24b5c3cf7e8309e9a3ede717ebcf
Location of the 11 artefacts from LummaEncrypted@00005236 through LummaEncrypted@000060C4: 509e24b5c3cf7e8309e9a3ede717ebcf > Overlay_e4fcfc8c.bin
