Suspicious
Suspect

55d629b11be784b518f5253e8e2f4b53

AutoIt Compiled Script
|
MD5: 55d629b11be784b518f5253e8e2f4b53
|
Size: 6.3 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
55d629b11be784b518f5253e8e2f4b53
Sha1
57d6dfc2ef8c66c8c8c9b4ba7567e666c7dd9c7d
Sha256
ca479a93803b3967353f8c5ded93d11d7081df0d246dea41c869651a07ebe539
Sha384
26115e08ae249ce59417ccf5ab8d1bebef07134c54834b5f408d314ab0d84100d5bef437c09581e428004daebbc9a692
Sha512
fa57c9053f09e0845e1ea231f765f0a5b6e899de0df8ea1ed7445b06bc9f0c16a439896fcef5573e1d2bd421dfd54496b5c260f596611b2dc160a9cabda7d465
SSDeep
49152:HhwrImlSo2ORuEaMhHLpVCEf8NaWUu1Q/vJXm7O:HOcmlSUuEaMhrPffiaWUu18h2K
TLSH
FB563434211CF4E19A31000FFAF7D193576AA537A01B51DCE9CCE4AE32A6166D92E73B

PeID

Microsoft Visual C++ 8.0 (DLL)
File Structure
55d629b11be784b518f5253e8e2f4b53
[Authenticode]_4ec0d6a9.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0002
ID:1033
ID:0003
ID:1033
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:003F
ID:1033
ID:004C
ID:1033
ID:004D
ID:1033
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
RT_GROUP_CURSOR4
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:1033
Imagination.xls
Moisture
Comm
Organized
Capable
Drive
Senate
Nudist
Sandy
Polls
Films
Ash
Golden
Rapidly.xls
Future.xls
Howard.xls
Educators.xls
Assembly.xls
Every.xls
Option.xls
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x5FFFE1 size 11032 bytes
Info

PDB Path: wextract.pdb
55d629b11be784b518f5253e8e2f4b53 (6.3 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙