Suspicious
Suspect

63ca9d6b92d19f9800e5a1b36bf68470

PE Executable | MD5: 63ca9d6b92d19f9800e5a1b36bf68470 | Size: 2.04 MB | application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
Hash Value
MD5
63ca9d6b92d19f9800e5a1b36bf68470
Sha1
9a8d10bd4b428480c133221d9f91dde60121a9c8
Sha256
5d9a813d6d97a1280a794c470dffa1b8c7bc7b3afd76a1af8d511c20d2a35984
Sha384
36e0f46b3ad0742556e769ea17159cf13aae01a7d023c3efcc262647466f388955fe007b864c79d776f25a534c05a2e0
Sha512
3bdf471a16f7af45d0a5311f705a2fc265810aaee4fc74560c5f8b9de59fc19eed31bc1328a1ee0e9cddf87617af73b3d87be19ee13b85b85987396284e785f2
SSDeep
49152:6cm10YY1Zs+aSigppddTWKFcRGpfemx+MMJi0cFvwp:6SYisybHMK8GpfeOMJiZw
TLSH
89951311B5908071DA3616730CF89FBAEA3EB9211F619ACBB3900F6D9F305D2D734A56

PeID

Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
UPolyX 0.3 -> delikon
VC8 -> Microsoft Corporation
File Structure
63ca9d6b92d19f9800e5a1b36bf68470
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
Artefacts
Name
Value
URLs in VB Code - #1

http://schemas.microsoft.com/SMI/2005/WindowsSettings

URLs in VB Code - #2

http://www.microsoft.com/pkiops/crl/MicWinProPCA2011_2011-10-19.crl0a

URLs in VB Code - #3

http://www.microsoft.com/pkiops/certs/MicWinProPCA2011_2011-10-19.crt0

URLs in VB Code - #4

http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z

URLs in VB Code - #5

http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0

URLs in VB Code - #6

http://www.microsoft.com/windows0

URLs in VB Code - #7

http://subca.repository.certum.pl/ctsca2021.cer0

URLs in VB Code - #8

http://subca.ocsp-certum.com0

URLs in VB Code - #9

http://subca.crl.certum.pl/ctsca2021.crl0

URLs in VB Code - #10

http://crl.certum.pl/ctnca2.crl0l

URLs in VB Code - #11

http://subca.ocsp-certum.com02

URLs in VB Code - #12

http://repository.certum.pl/ctnca2.cer09

URLs in VB Code - #13

http://www.certum.pl/CPS0

URLs in VB Code - #14

http://crl.certum.pl/ctnca.crl0k

URLs in VB Code - #15

http://subca.ocsp-certum.com01

URLs in VB Code - #16

http://repository.certum.pl/ctnca.cer09

Characteristics
No malware configurations were found at this point.