Suspicious
Suspect

60d2dd2fa61337b0df58d4c8cf5b89fe

PE Executable
|
MD5: 60d2dd2fa61337b0df58d4c8cf5b89fe
|
Size: 3.38 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
60d2dd2fa61337b0df58d4c8cf5b89fe
Sha1
bf9300ef46e20361be9fb00099a09c69656e0746
Sha256
90753225f37c2b9d34f0ea71963d2a5e8d127b0e136ee732072b29ccb280e45a
Sha384
f7ee9e116aa70efee38567e6eed4a9eed2713e27c19dbfd079126b66433d9000fc97486d8a4ff36bb927eaf08f3b1169
Sha512
970af364a93ae73d68a13251d1d190e1398c9663c4ab0c60911c17dc442b99cec23dfb3eef21df4bf5abeefe0c3373bbb93ee863312a04a064052706f4f19f71
SSDeep
49152:UgYc0c5U0LFR5hAT7Ajl5Ll1Z35bhnrDOrJNd1NwczZ4E9s4kxbc61YrrnIoa4:UgX0CJLy7AjxJbhnrCrJZSEMxY6ahJ
TLSH
F4F511C229527080C9F07A3A34FFDF311765ED662B24C69C568D3705CAFAE99A527833

PeID

Microsoft Visual C++ v6.0 DLL
RPolyCryptor V1.4.2 -> Vaska
UPolyX 0.3 -> delikon
x64 Themida / Winlicense v3.0.x.0 PACKED sign ASL
File Structure
60d2dd2fa61337b0df58d4c8cf5b89fe
[Authenticode]_e99ad76b.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rsrc
.idata
.tls
.themida
.boot
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
ID:0008
ID:0
ID:0009
ID:0
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x336410 size 10304 bytes
60d2dd2fa61337b0df58d4c8cf5b89fe (3.38 MB)
File Structure
60d2dd2fa61337b0df58d4c8cf5b89fe
[Authenticode]_e99ad76b.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rsrc
.idata
.tls
.themida
.boot
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
ID:0008
ID:0
ID:0009
ID:0
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙