Suspect
6a87453a7f6b63b947f36fb0552c1870
PE Executable | MD5: 6a87453a7f6b63b947f36fb0552c1870 | Size: 11.72 MB | application/x-dosexec
PE Executable
MD5: 6a87453a7f6b63b947f36fb0552c1870
Size: 11.72 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 6a87453a7f6b63b947f36fb0552c1870
|
| Sha1 | 8fe5b0f1b8e5146d37889676941d57e4563427df
|
| Sha256 | eed5f9d02a1ac26d2b52bc1e4bafa73073faed0bb665687ddcf90dcecb41b878
|
| Sha384 | 585b5f8bc4cdf5fb366732e05bbcda574d2203db8169d8664c1497e8452fbcdab1455b2c081ff53d879b072bf2c40215
|
| Sha512 | 67dd66394b44ab93a7cc5bdaa8c73b07481abc4ee504b2f6bb4e57374707deddd9868aa5d22452f48215f8453d6be020b12def96959adbd57be97f4fbc450f91
|
| SSDeep | 196608:0laSuYqPXhyy/uFjmONZvdEtiWcSt8eKH8AG3uxCSknGwtDki/cZNNnMJrTHeo29:iaSuYqJv/yB9dEBx7+YGwtb0L6tTHeoW
|
| TLSH | 19C623326156303BF6F539F3E815D1303D69A2185B58C8BEC6C0AC5D3DA89DA6AF7306
|
PeID
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
UPolyX 0.3 -> delikon
VC8 -> Microsoft Corporation
File Structure
6a87453a7f6b63b947f36fb0552c1870
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.wixburn
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
RT_RCDATA
ID:0001
ID:1033
RT_MESSAGETABLE
ID:0001
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.idata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
Resources
RT_ICON
ID:0001
ID:2052
ID:0002
ID:2052
ID:0003
ID:2052
ID:0004
ID:2052
ID:0005
ID:2052
RT_GROUP_CURSOR4
ID:0000
ID:2052
RT_MANIFEST
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.unwante
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Root Entry
䡀䌏䈯
䡀䈖䌧䠤
䡀䌋䄱䜵
䡀䕎䒵䠵
䡀㬿䏲䐸䖱
䡀㽿䅤䈯䠶
䡀䈏䗤䕸䠨
䡀䈛䌪䗶䜵
䡀䋜䕲䆷䗸
䡀䓞䕪䇤䠨
䡀䕙䓲䕨䜷
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
䡀䈛㵪䆲䗤䕲
䡀䌍䈵䗦䕲䠼
䡀䒌䇱䗬䒬䠱
䡀䒌䓰䑲䑨䠷
䡀䓊㼳䄨䆵䠫
䡀㼿䕷䑬㭪䗤䠤
䡀㼿䕷䑬㹪䒲䠯
䡀㿿䏤䇬䗤䒬䠱
䡀䖖㯬䏬㱨䖤䠫
䡀䘌䗶䐲䆊䌷䑲
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
䡀䄕䑸䋦䒌䇱䗬䒬䠱
䡀䇊䌰㾱㼒䔨䈸䆱䠨
䡀䈏䗤䕸㬨䐲䒳䈱䗱䠶
䡀䑒䗶䏤㾯㼒䔨䈸䆱䠨
䡀䇊䌰㮱䈻䘦䈷䈜䘴䑨䈦
䡀䇊䗹䛎䆨䗸㼨䔨䈸䆱䠨
䡀䌠㭻䓨䑨䈧䆱㹼䒵䌹䈧䠵
䡀䑒䗶䏤㮯䈻䘦䈷䈜䘴䑨䈦
DigitalSignature
SummaryInformation
MsiDigitalSignatureEx
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | D:\a\wix4\wix4\build\burn\Release\x86\burn.pdb |
| PDB Path | vcruntime140d.i386.pdb |
| PDB Path | msvcp80.i386.pdb |
| PDB Path | msvcr80.i386.pdb |
| URLs in VB Code - #1 | file:/// |
| URLs in VB Code - #2 | http://www.w3.org/TR/REC-html40/strict.dtd |
| URLs in VB Code - #3 | http://www.w3.org/1999/xlink |
| URLs in VB Code - #4 | http://qt.nokia.com/products/licensing |
| URLs in VB Code - #5 | http://qt.nokia.com/ |
| PDB Path | C:\agent\_work\34\s\Wix\build\ship\x86\wixca.pdb |
| PDB Path | C:\agent\_work\34\s\Wix\build\ship\x86\WixDepCA.pdb |
6a87453a7f6b63b947f36fb0552c1870 (11.72 MB)
File Structure
6a87453a7f6b63b947f36fb0552c1870
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.wixburn
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
RT_RCDATA
ID:0001
ID:1033
RT_MESSAGETABLE
ID:0001
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.idata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
Resources
RT_ICON
ID:0001
ID:2052
ID:0002
ID:2052
ID:0003
ID:2052
ID:0004
ID:2052
ID:0005
ID:2052
RT_GROUP_CURSOR4
ID:0000
ID:2052
RT_MANIFEST
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.unwante
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Root Entry
䡀䌏䈯
䡀䈖䌧䠤
䡀䌋䄱䜵
䡀䕎䒵䠵
䡀㬿䏲䐸䖱
䡀㽿䅤䈯䠶
䡀䈏䗤䕸䠨
䡀䈛䌪䗶䜵
䡀䋜䕲䆷䗸
䡀䓞䕪䇤䠨
䡀䕙䓲䕨䜷
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
䡀䈛㵪䆲䗤䕲
䡀䌍䈵䗦䕲䠼
䡀䒌䇱䗬䒬䠱
䡀䒌䓰䑲䑨䠷
䡀䓊㼳䄨䆵䠫
䡀㼿䕷䑬㭪䗤䠤
䡀㼿䕷䑬㹪䒲䠯
䡀㿿䏤䇬䗤䒬䠱
䡀䖖㯬䏬㱨䖤䠫
䡀䘌䗶䐲䆊䌷䑲
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
䡀䄕䑸䋦䒌䇱䗬䒬䠱
䡀䇊䌰㾱㼒䔨䈸䆱䠨
䡀䈏䗤䕸㬨䐲䒳䈱䗱䠶
䡀䑒䗶䏤㾯㼒䔨䈸䆱䠨
䡀䇊䌰㮱䈻䘦䈷䈜䘴䑨䈦
䡀䇊䗹䛎䆨䗸㼨䔨䈸䆱䠨
䡀䌠㭻䓨䑨䈧䆱㹼䒵䌹䈧䠵
䡀䑒䗶䏤㮯䈻䘦䈷䈜䘴䑨䈦
DigitalSignature
SummaryInformation
MsiDigitalSignatureEx
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | D:\a\wix4\wix4\build\burn\Release\x86\burn.pdb |
6a87453a7f6b63b947f36fb0552c1870 |
| PDB Path | vcruntime140d.i386.pdb |
6a87453a7f6b63b947f36fb0552c1870 > u0 |
| PDB Path | msvcp80.i386.pdb |
6a87453a7f6b63b947f36fb0552c1870 > u3 |
| PDB Path | msvcr80.i386.pdb |
6a87453a7f6b63b947f36fb0552c1870 > u4 |
| URLs in VB Code - #1 | file:/// |
6a87453a7f6b63b947f36fb0552c1870 > u6 |
| URLs in VB Code - #2 | http://www.w3.org/TR/REC-html40/strict.dtd |
6a87453a7f6b63b947f36fb0552c1870 > u6 |
| URLs in VB Code - #3 | http://www.w3.org/1999/xlink |
6a87453a7f6b63b947f36fb0552c1870 > u6 |
| URLs in VB Code - #4 | http://qt.nokia.com/products/licensing |
6a87453a7f6b63b947f36fb0552c1870 > u6 |
| URLs in VB Code - #5 | http://qt.nokia.com/ |
6a87453a7f6b63b947f36fb0552c1870 > u6 |
| PDB Path | C:\agent\_work\34\s\Wix\build\ship\x86\wixca.pdb |
6a87453a7f6b63b947f36fb0552c1870 > a0 > Root Entry > 䌋䄱䜵䀾䛬㪌 |
| PDB Path | C:\agent\_work\34\s\Wix\build\ship\x86\WixDepCA.pdb |
6a87453a7f6b63b947f36fb0552c1870 > a0 > Root Entry > 䌋䄱䜵䀾䛬䈍㬳䠊 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.