Suspicious
Suspect

64dd51957b79aec96d32c02dbe2b74cc

AutoIt Compiled Script
|
MD5: 64dd51957b79aec96d32c02dbe2b74cc
|
Size: 5.26 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
64dd51957b79aec96d32c02dbe2b74cc
Sha1
429a04995310c8b4c8ad05a71090d68453f87748
Sha256
2072d44596690890bf4e9d297296f81409f82346b8e2e91c55d628cb35c54d4a
Sha384
b13c10acd31071c8b5e685299878875ac3ac06cb4a30bfef0acb547fe75f36fa94fbb7851394e37cbb219104970c03c0
Sha512
d397f078ce1ca441028f9ece0c0b4138a9dd0ca6298f736eacc20f576c8de6b71b7a7a02f34ef33e475044917380930148c67327402d93f170c657240949fec0
SSDeep
98304:Ia3dLksY9cD6FHgycGXLGUb7hZV+r99PqF9n/wOj6t:VBYlHgy3GUnzV+ng9nBO
TLSH
8A36ACA563A33066364B0801867789BDE6321FCB20D45FE5E9476134C7DF2B46BDA32B

PeID

Microsoft Visual C++ 8.0 (DLL)
File Structure
64dd51957b79aec96d32c02dbe2b74cc
[Authenticode]_98bb0dfe.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:1033-preview.png
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:003F
ID:1033
ID:004C
ID:1033
ID:004D
ID:1033
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Removal.xltx
Proprietary.xltx
Carry
Cite
Need
Pubs.xltx
Matching
Powell.xltx
Boards.xltx
Illegal.xltx
Springfield.xltx
Dish.xltx
Checking
Odds.xltx
Jury
Applicable
Upskirts.xltx
Somerset
Whenever.xltx
Insertion
Male
H
Latex.xltx
Mardi.xltx
Trademarks
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x500015 size 13048 bytes
Info

PDB Path: wextract.pdb
64dd51957b79aec96d32c02dbe2b74cc (5.26 MB)
File Structure
64dd51957b79aec96d32c02dbe2b74cc
[Authenticode]_98bb0dfe.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
AVI
ID:0BB9
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:1033-preview.png
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:07D1
ID:1033
ID:07D2
ID:1033
ID:07D3
ID:1033
ID:07D4
ID:1033
ID:07D5
ID:1033
ID:07D6
ID:1033
RT_STRING
ID:003F
ID:1033
ID:004C
ID:1033
ID:004D
ID:1033
ID:0050
ID:1033
ID:0053
ID:1033
ID:0055
ID:1033
RT_RCDATA
ID:0000
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
ID:0BB8
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Removal.xltx
Proprietary.xltx
Carry
Cite
Need
Pubs.xltx
Matching
Powell.xltx
Boards.xltx
Illegal.xltx
Springfield.xltx
Dish.xltx
Checking
Odds.xltx
Jury
Applicable
Upskirts.xltx
Somerset
Whenever.xltx
Insertion
Male
H
Latex.xltx
Mardi.xltx
Trademarks
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙