General
Structural Analysis
Config.0
Yara Rules77
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 78b5a4b1fc452143b346b06181b2e7a4
|
| Sha1 | a46e73fba6acd24eb5610ef09d7d54228dfa8183
|
| Sha256 | 80e991e05aaf94cce8bce3daf2ce8b8cb49a2b7c5e06b96d3a6281801b16b9cb
|
| Sha384 | 373ed39df577e137e33bb084067837a4f9f7546fb73d71217834d70ca885ef9058d17796185ba9381b3d88e48794d604
|
| Sha512 | b87ef6b3d40df73386c2b94de8bf01f74c8e578aeb38d76fae1fcad421ba60fd314fcd0d88f5471d28b2467509be83c757bdf7265eb485e76d9fe88857e4c0b3
|
| SSDeep | 24576:j2G/nvxW3WeA8zynWGhThz1lKI6pljZixqQDICTmqk43inoRYAA5:jbA3W9nnhR+lcTmz4yoR5c
|
| TLSH | 0D758D017E44CA52F0291633C2FF465447B8AC526BA6E31B7EB977AD55223933C0DACB
|
PeID
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
VC8 -> Microsoft Corporation
File Structure
78b5a4b1fc452143b346b06181b2e7a4
Malicious
Overlay_b4a4d6ff.bin
Malicious
7L03ktj6QW.bat
hyperbroker.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
T5uusuyR4cdxr99t3T.mQxWaNbY9AyTco5uTV
xBueLOIgEoGXfp6Iyn.aCR9XT35Q3Nu4pqa0p
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1024
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1024
RT_MANIFEST
ID:0001
ID:1033
78b5a4b1fc452143b346b06181b2e7a4.decoded.vbs
Malicious
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_b4a4d6ff.bin (1228886 bytes) |
| Info | PDB Path: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb |
78b5a4b1fc452143b346b06181b2e7a4 (1.69 MB)
File Structure
78b5a4b1fc452143b346b06181b2e7a4
Malicious
Overlay_b4a4d6ff.bin
Malicious
7L03ktj6QW.bat
hyperbroker.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
T5uusuyR4cdxr99t3T.mQxWaNbY9AyTco5uTV
xBueLOIgEoGXfp6Iyn.aCR9XT35Q3Nu4pqa0p
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1024
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1024
RT_MANIFEST
ID:0001
ID:1033
78b5a4b1fc452143b346b06181b2e7a4.decoded.vbs
Malicious
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.