Malicious

9149b449a89f24ebbc726c996a471ccf

PE Executable | MD5: 9149b449a89f24ebbc726c996a471ccf | Size: 667.65 KB | application/x-dosexec

Characteristics
MD5: 9149b449a89f24ebbc726c996a471ccf
Sha1: 2f90a4ec18c2597debdd5610aa3a3922f17d195c
Sha256: 68bfdc8e5485211e4a6b409d266c98f1f18fb2b5ac06c0b2b83fb724a03ab319
Sha384: 35d3df46d681e1fb6b3f61fe4a8687cda0e8b30dca630824ea2aee748c9977120a95ea033d15031accade460d2f70499
Sha512: bf2cb48b15039cd5f11e23495dea7bf19d3ccd10b86efc15de5fa043abce847e1f19461c4466968a3ae801dc95aa23f5f4f7e2b83cf923c7e80bab2a2ff6a699
SSDeep: 6144:aWR8rFTMnXbdetg5NTmhhXFnKK03UgPl1vxMBpGb8z/hN/wcTr/Sr3MQSIEOV4uD:fWCXhe4mhLKlRUQGJNTXar3lSnajiQL
TLSH: 30E49E21FA9351FDF4B311309C9DE27AEB363A059E159F87E7C09B34EDB02016A1761A

PeID

Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
Safeguard 1.03 -> Simonzh
UPolyX 0.3 -> delikon
VC8 -> Microsoft Corporation
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Artefacts
Name
Value
LummaEncrypted@00083B94 [0123456789abcdef]

????

LummaEncrypted@00083BE4 [0123456789abcdef]

????

LummaEncrypted@00084140 [0123456789]

?

LummaEncrypted@000842C0 [0123456789]

?

LummaEncrypted@000847C7 [0123456789]

?

LummaEncrypted@00087C10 [3333333333333333]

LummaEncrypted@00088E44 [00000000]

LummaEncrypted@00088E5C [000000000000]

LummaEncrypted@00088E69 [0123456789abcdef]

????

LummaEncrypted@00088E88 [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????

No malware configuration was found at this point.