Malicious
General
Structural Analysis
Config.0
Yara Rules57
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 6041ff66d357d55f8ae482421e65f28e
|
| Sha1 | 43eb532b3f4e6cb2da152f31cb17cbf9e2c11bf7
|
| Sha256 | df2a36ad1ef4e08e0e2909e5b4d875f1ad4ff6df95c11cc5b21c71a547fe16fe
|
| Sha384 | 17982b886ce663c25289d23b48989c1ab22d522e68af80667fb293aed119564b2cc9670af1a9f02908b5e66766b6cc23
|
| Sha512 | fdbc3cf6844beff1cd2a473d7043c72165429415a743a78aa65312627afdd7446d60aa2a18ca681e49615c800cc5e2a36e73bcdb4902912cd614d59f0ddf46ed
|
| SSDeep | 24576:ktb20pkaCqT5TBWgNQ7apr4y/ugS6ONx7Pvs6A:NVg5tQ7apNxS6gM5
|
| TLSH | 0345CF1363DEC361C3725273BA25B741AEBF782506A1F96B2FD4093DE920162521EB73
|
PeID
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
VC8 -> Microsoft Corporation
File Structure
6041ff66d357d55f8ae482421e65f28e
Executable
AutoIt
Suspect
Decompiled
PE (Portable Executable)
Win 32 Exe
x86
PDB Path
Malicious
aut3A39.tmp.tok
AutoIt
Suspect
Decompiled
Malicious
[Cleaned].au3
AutoIt
Suspect
Decompiled
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:2057
ID:0002
ID:2057
ID:0003
ID:2057
ID:0004
ID:2057
ID:0005
ID:2057
ID:0006
ID:2057
ID:0007
ID:2057
ID:0008
ID:2057
ID:0009
ID:2057
ID:000A
ID:2057
ID:000B
ID:2057
RT_MENU
ID:00A6
ID:2057
RT_STRING
ID:0007
ID:2057
ID:0008
ID:2057
ID:0009
ID:2057
ID:000A
ID:2057
ID:000B
ID:2057
ID:000C
ID:2057
ID:0139
ID:2057
RT_RCDATA
ID:0000
ID:0
Executable
AutoIt
RT_GROUP_CURSOR4
ID:0063
ID:2057
ID:00A2
ID:2057
ID:00A4
ID:2057
ID:00A9
ID:2057
RT_VERSION
ID:0001
ID:2057
RT_MANIFEST
ID:0001
ID:2057
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | ???? |
6041ff66d357d55f8ae482421e65f28e (1.18 MB)
File Structure
6041ff66d357d55f8ae482421e65f28e
Executable
AutoIt
Suspect
Decompiled
PE (Portable Executable)
Win 32 Exe
x86
PDB Path
Malicious
aut3A39.tmp.tok
AutoIt
Suspect
Decompiled
Malicious
[Cleaned].au3
AutoIt
Suspect
Decompiled
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:2057
ID:0002
ID:2057
ID:0003
ID:2057
ID:0004
ID:2057
ID:0005
ID:2057
ID:0006
ID:2057
ID:0007
ID:2057
ID:0008
ID:2057
ID:0009
ID:2057
ID:000A
ID:2057
ID:000B
ID:2057
RT_MENU
ID:00A6
ID:2057
RT_STRING
ID:0007
ID:2057
ID:0008
ID:2057
ID:0009
ID:2057
ID:000A
ID:2057
ID:000B
ID:2057
ID:000C
ID:2057
ID:0139
ID:2057
RT_RCDATA
ID:0000
ID:0
Executable
AutoIt
RT_GROUP_CURSOR4
ID:0063
ID:2057
ID:00A2
ID:2057
ID:00A4
ID:2057
ID:00A9
ID:2057
RT_VERSION
ID:0001
ID:2057
RT_MANIFEST
ID:0001
ID:2057
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | ???? |
6041ff66d357d55f8ae482421e65f28e |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.