Malicious
6afdd72d7a2a403d7c568978ab566a9d
PE Executable | MD5: 6afdd72d7a2a403d7c568978ab566a9d | Size: 57.85 KB | application/x-dosexec
PE Executable
MD5: 6afdd72d7a2a403d7c568978ab566a9d
Size: 57.85 KB
application/x-dosexec
Infection Chain
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very high
|
Hash | Hash Value |
|---|---|
| MD5 | 6afdd72d7a2a403d7c568978ab566a9d
|
| Sha1 | e53cec72353427e5639be475c7f6946d0f68aebf
|
| Sha256 | d29c97a63a09d5ec9f58d89ae8f815c32b84846bf1d76687d8ea768a8e0499c4
|
| Sha384 | ba07ea3f985fa6f1daae0ed571007afb58c1418b6716b1ad582125ead925b1302475e7e9ba6ab97747240f98995d3cf6
|
| Sha512 | afc998531f1f7bb0f7df98155204d1932719f425e665ecd4eda07e0553e0a43348e96e7b9bb643c697cc0dfc26992ea27f4b4d449b60ec7000155da7ce65dda7
|
| SSDeep | 768:GVpuGbNMUCa2vgcKwQD32d2d8bXbg6SmfYOy43H2Gpq7hqwLSN:MLCa2vgd87zfYCq7cwL6
|
| TLSH | B143E702339AC331C56C65B585EB052153F5A7826A33DB9B3E4C639D9F127A39F81BC8
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
6afdd72d7a2a403d7c568978ab566a9d
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
BtQZBIjpDjnw0ItCVs.QGm7YatuMhJ31F6q3k
BLACKHAWK.g.resources
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Informations
|
Name0 | Value |
|---|---|
| Module Name | BLACKHAWK.dll |
| Full Name | BLACKHAWK.dll |
| Scope Name | BLACKHAWK.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | BLACKHAWK |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5.2 |
| Total Strings | 23 |
| Main Method | Not found or no body |
| Module Name | BLACKHAWK.dll |
| Full Name | BLACKHAWK.dll |
| Scope Name | BLACKHAWK.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | BLACKHAWK |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5.2 |
| Total Strings | 23 |
| Main Method | Not found or no body |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | BLACKHAWK.pdb |
6afdd72d7a2a403d7c568978ab566a9d (57.85 KB)
File Structure
6afdd72d7a2a403d7c568978ab566a9d
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
BtQZBIjpDjnw0ItCVs.QGm7YatuMhJ31F6q3k
BLACKHAWK.g.resources
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | BLACKHAWK.pdb |
6afdd72d7a2a403d7c568978ab566a9d |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.