Malicious
722139ba13e0f38263b049baaa4cc42f
PE Executable | MD5: 722139ba13e0f38263b049baaa4cc42f | Size: 1.16 MB | application/x-dosexec
PE Executable
MD5: 722139ba13e0f38263b049baaa4cc42f
Size: 1.16 MB
application/x-dosexec
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 722139ba13e0f38263b049baaa4cc42f
|
| Sha1 | 59c490d6efe60c07a9c9887780930c4d93983364
|
| Sha256 | dac6ceef5ed0906713c1f1b319ba7bf1e56a9aae6201c9f59bf97cbb94c787e0
|
| Sha384 | 9814d0bc74bd2f9259a9c3449404a3616d59e254119f5033ebc2fa955422867768c1c0107d299c0ddf1c3ddcc0616af9
|
| Sha512 | 60e902e41b68f9a366dbea63c7d79652ef1831617aa92c61c36d3a21d824147b36e586e8e518d655328e46d6d3c65be307e44a26d334e0951f0b60e4b49ac2b7
|
| SSDeep | 24576:U2G/nvxW3Ww0trXpxluNAwj1NOvMvsFRbI90o+9gd1hj:UbA30rXpxls5ahy
|
| TLSH | 60453A017E84CE12F0191633C2EF450447B4AC516AAAE72B7FB9376D65223A37D1DACB
|
PeID
HQR data file
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
VC8 -> Microsoft Corporation
File Structure
722139ba13e0f38263b049baaa4cc42f
Malicious
Overlay_b8725b02.bin
Malicious
JZVEivqAa.bat
Portdriver.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
hl9WYvV5QtHVydVkF9.4v4OTSyZGXEvmN62ln
4GKBv75qT0OnrZDn4r.eY5UpBpOrQuZZQs5N7
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
722139ba13e0f38263b049baaa4cc42f.decoded.vbs
Malicious
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_b8725b02.bin (847964 bytes) |
| Info | PDB Path: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb |
722139ba13e0f38263b049baaa4cc42f (1.16 MB)
File Structure
722139ba13e0f38263b049baaa4cc42f
Malicious
Overlay_b8725b02.bin
Malicious
JZVEivqAa.bat
Portdriver.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
hl9WYvV5QtHVydVkF9.4v4OTSyZGXEvmN62ln
4GKBv75qT0OnrZDn4r.eY5UpBpOrQuZZQs5N7
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
722139ba13e0f38263b049baaa4cc42f.decoded.vbs
Malicious
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.