Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 7e89f9ddbbd24aafe92ad3025b6e9a01 |
| Sha1 | 39c52262a1eeeb23e4665d27fd3fbe3e16e3e0a9 |
| Sha256 | baf0f3e9f99bd2e816c3dd2f3cc3b2ad8b75185045e0311f1a8e3f041860567a |
| Sha384 | ec02483c4b06d361fb171854eb989605ba47e12ad3dfd5813716c6c24b23088491a76de3c20dc040572ad8cdb56f49d2 |
| Sha512 | c24d5462992b09e4ec6c7fcee2f251ad26410c30857dcdab9e820b4c5a36a934690a741abe28087a5f95bec08ebc7c1541a74faab437675e3720859861bbd9f5 |
| SSDeep | 98304:rf0EVEIg7wZzQmR7eys+DvYmheRNadiv59+JXYMJOhGwib5kbBa:TBSZcR601eRNadiuXYMQhab8Ba |
| TLSH | 8E4633F0BE595E9CF86A2035F14BA8A5D4A73660EF6791E0C0DF56949CF35A2031E0F2 |
File Structure
7e89f9ddbbd24aafe92ad3025b6e9a01
Malicious
contool
Malicious
isvtier5appsignsdk_client.xml
aximp.exe.config
isvtier5appsignsdk.xml
[Authenticode]_5f8b16cf.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_STRING
ID:0007
ID:1033
RT_VERSION
ID:0001
ID:1033
[Authenticode]_9884558f.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
REGISTRY
ID:0000
ID:1033
ID:0065
ID:1033
ID:0066
ID:1033
SRF
ID:00D0
ID:1033
TYPELIB
ID:0001
ID:1033
RT_STRING
ID:0007
ID:1033
ID:007E
ID:1033
ID:007F
ID:1033
ID:0080
ID:1033
ID:0081
ID:1033
ID:0082
ID:1033
ID:008A
ID:1033
ID:008B
ID:1033
ID:008D
ID:1033
ID:00FB
ID:1033
ID:00FE
ID:1033
ID:00FF
ID:1033
RT_VERSION
ID:0001
ID:1033
DASMHLP.HLP
[Authenticode]_86e6b683.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.data
.pdata
consent
.rsrc
.reloc
Resources
MUI
ID:0001
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
RT_GROUP_CURSOR4
ID:006B
ID:1033
ID:006C
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
dasmhlp.cnt
disco.exe.config
[Authenticode]_574320c9.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
msrootpub1.dat
msrootpub2.dat
wmsgapi.dll
Malicious
Overlay_cc6e4da3.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_5d4c336a.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
disco.exe
[Authenticode]_532e7849.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
.Net Resources
DiscoRes.resources
CommonResStrings.resources
isvtier5appsignsdk.cc
7e89f9ddbbd24aafe92ad3025b6e9a01 (5.41 MB)
Characteristics
No malware configuration was found at this point.