Suspect
55c6f21bb32f7c272daaa1927fabf36b
AutoIt Compiled Script | MD5: 55c6f21bb32f7c272daaa1927fabf36b | Size: 1.72 MB | application/x-dosexec
AutoIt Compiled Script
MD5: 55c6f21bb32f7c272daaa1927fabf36b
Size: 1.72 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 55c6f21bb32f7c272daaa1927fabf36b
|
| Sha1 | bcde963cdee4af8e809f17ad15ba38861d8013e0
|
| Sha256 | 7da7fca4991859194ef9d012e578477a643aa4d0f8fdfedecb858b57bbd26734
|
| Sha384 | a5894e7af4d8c355290afb677d46bd9b9972565b17b559f7e855ae687826c0e1d9efb65ff512d57433e308f8f6742a7a
|
| Sha512 | e1b98fabb3bf78a40937d5fec936e32bfbc209321f270d434bd151c7a279140ea1143c7d0cbbd81d30f51cf35b1b7cc6e567b719656ad677ac3245cf77fbe249
|
| SSDeep | 49152:OjKTdOwCgY3UPzaxW/Nkjqj10kX70QiP:KwreUPzaENGbkL0R
|
| TLSH | DC852349B9E4E125F0BE13B0D4F1A5D24274BCB2D72C12FB25A6BEAC1F736909938741
|
PeID
Microsoft Visual C++ 8.0 (DLL)
UPolyX 0.3 -> delikon
File Structure
55c6f21bb32f7c272daaa1927fabf36b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:0
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:1033
Police.aif
Alloy.aif
Export.aif
Wales.aif
Passengers.aif
Neither
Rather
Beginners
Western
Gibraltar
Viewer
Fares
Interesting
Richmond
Wherever
Invest
Severe.aif
Neither
Rather
Beginners
Western
Gibraltar
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: wextract.pdb |
55c6f21bb32f7c272daaa1927fabf36b (1.72 MB)
File Structure
55c6f21bb32f7c272daaa1927fabf36b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:0
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:1033
Police.aif
Alloy.aif
Export.aif
Wales.aif
Passengers.aif
Neither
Rather
Beginners
Western
Gibraltar
Viewer
Fares
Interesting
Richmond
Wherever
Invest
Severe.aif
Neither
Rather
Beginners
Western
Gibraltar
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.