Malicious

7f53398c05f45095857d2abd4d3933d8

PE Executable | MD5: 7f53398c05f45095857d2abd4d3933d8 | Size: 667.65 KB | application/x-dosexec


Characteristics

PeID

Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
Safeguard 1.03 -> Simonzh
UPolyX 0.3 -> delikon
VC8 -> Microsoft Corporation
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
Information
Name | Value
Info | PE Detect: PeReader OK (file layout)

Artefacts
Name
Value
LummaEncrypted@00083B94 [0123456789abcdef]

LummaEncrypted@00083BE4 [0123456789abcdef]

LummaEncrypted@00084140 [0123456789]

LummaEncrypted@000842C0 [0123456789]

LummaEncrypted@000847C7 [0123456789]

LummaEncrypted@00087C10 [3333333333333333]

LummaEncrypted@00088E44 [00000000]

LummaEncrypted@00088E5C [000000000000]

LummaEncrypted@00088E69 [0123456789abcdef]

LummaEncrypted@00088E88 [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]
