Suspect
548488410b5fdabb1202d1166a420c74
PE Executable | MD5: 548488410b5fdabb1202d1166a420c74 | Size: 2.34 MB | application/x-dosexec
Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 548488410b5fdabb1202d1166a420c74 |
| Sha1 | 3a2af6d9bf762618d505bb9fa4b6efe360109edf |
| Sha256 | 798a0d11fd7bf7aa19c35a62ff306d48ffc89b555e7fad024d14d93a1384c2b8 |
| Sha384 | b1f2daaa30d8b97621c8ab6d7b67f42fa25b847ca35a5bcdbd11535985cedf76f0ded5418a90bcb8be60bc8fa2025b1b |
| Sha512 | 53675a386909e3f1947640deb7597b13c1529af0334657969f85c08555faa4f8c3b94744204d6383cf766c808cbb0df3e1cdf4fd329ff809d119e177a342a69d |
| SSDeep | 49152:pAR6pHImCXi45lSevpEie7zoDQ49aXZmMAnG3eCt0cAvbfVQOlgya:pwI7Wl5Yei1ok49unt3ft0cybfVQOlgl |
| TLSH | FAB50173B5E28533EAB640F019581B466FBFE6320438CD5B93D86D4867A4DC3E61A363 |
PeID
Armadillo v2.xx (CopyMem II)
Microsoft Visual C++ 6.0 - 8.0
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 7.1
Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ v7.0
File Structure
548488410b5fdabb1202d1166a420c74
7z-stream @ 0x0015D816.7z
[Authenticode]_dde65375.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.fptable
.rsrc
.reloc
Resources
RT_GROUP_CURSOR4
ID:0000
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
Resources
RT_ICON
ID:0001
ID:2052
ID:0002
ID:2052
ID:0003
ID:2052
ID:0004
ID:2052
RT_DIALOG
ID:0064
ID:2052
ID:0066
ID:2052
RT_STRING
ID:0007
ID:2052
RT_GROUP_CURSOR4
ID:0080
ID:2052
ID:0081
ID:2052
ID:0082
ID:2052
ID:0085
ID:2052
RT_VERSION
ID:0001
ID:2052
RT_DLGINIT
ID:0066
ID:2052
Overlay_03a5f71c.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
flag_dat
.rsrc
Resources
SCRIPT
ID:0065
ID:2052
ID:0067
ID:2052
RT_ICON
ID:0032
ID:0
ID:0-preview.png
RT_DIALOG
ID:271B
ID:2052
ID:271C
ID:2052
ID:271D
ID:2052
ID:271E
ID:2052
ID:2720
ID:2052
ID:2723
ID:2052
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:2052
Information
| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_03a5f71c.bin (905064 bytes) |
Characteristics
No malware configuration was found at this point.