Suspicious
Suspect

8799d4d6ef8fce2933f4c621411e0712

PE Executable
|
MD5: 8799d4d6ef8fce2933f4c621411e0712
|
Size: 424.63 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
8799d4d6ef8fce2933f4c621411e0712
Sha1
bf869d8c493a796c689911637809d30e00e7b12a
Sha256
e203b9757831e84cbe996d2113ab959a3dd7e3520ae8aef00e0b0f47e963edb9
Sha384
f0d9043328dd12db5076f0cff8fc2e832d900fa37d2d0cd77ab4ffb1bb8a81f6824068b90de8c236d9b83dcd03c565bc
Sha512
d9e4c97744e54ad2e62d7c0ac1a4601c0291562561d6dad5b08b567c4212c4cfe674b3507ca474ed41ee112dab24de938be189976c62c1894a0d5562531e33e4
SSDeep
6144:JQqRpUQMG1wYzxTxSZrHVhpaHQ4yc4IVLGFlTR1l7IqH+zsTscwaknlLQ0jG:JpUVKwYzxt+0Q+4ASz+zs4cwdBJG
TLSH
8E94236903D44C62CCAB693229A6737FCB67B60336A489435B689F6F0F157D349C23E1

PeID

Microsoft Visual C++ v6.0 DLL
Nullsoft PiMP Stub -> SFX
File Structure
8799d4d6ef8fce2933f4c621411e0712
[NSIS Installer] @ #0000B808
[SETUP_DECOMPILED.NSI]
[NSIS Uninstaller] @ #00064183
[SETUP_DECOMPILED.NSI]
[Authenticode]_c4840473.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x65178 size 10560 bytes
8799d4d6ef8fce2933f4c621411e0712 (424.63 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙