Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 968fb8024ce201206d4f9c44c8492e0c |
| Sha1 | d8c3e2060baa80fd2b7441f8736307c398df487e |
| Sha256 | d7e18cc84d0a980bae30ae4c5c849b7723d3a0ad115c6863bbc354ad00cb6941 |
| Sha384 | 2e339b703e745877d7b0e68a110b9708ce672e0d6b272c9663144db5a51a39b340eceb0fc01ddf09aed694045fd9a9dc |
| Sha512 | 635c67b6cfb4bc995fcac2c98c86a8ec095d22a025f3883f0916dbf9f8e8bf63ab6397f416d7408d5e8debeb92e72b6741670bebfb65bbac4c82f20fbbbef544 |
| SSDeep | 98304:Zr2iCZeQwvKbhpz+lk1d5EWaa+lU2iKsrnHJDs3DlIhlLp5:ZBvKbrz+lkFEWr+2dS3DlI/p5 |
| TLSH | 84462304AC4BEE85C25AA1B511E30F23B6779AE982575302CF3AD4BD3DE1308FAD6D15 |
File Structure
968fb8024ce201206d4f9c44c8492e0c
Malicious
contool
Malicious
[Authenticode]_9884558f.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
REGISTRY
ID:0000
ID:1033
ID:0065
ID:1033
ID:0066
ID:1033
SRF
ID:00D0
ID:1033
TYPELIB
ID:0001
ID:1033
RT_STRING
ID:0007
ID:1033
ID:007E
ID:1033
ID:007F
ID:1033
ID:0080
ID:1033
ID:0081
ID:1033
ID:0082
ID:1033
ID:008A
ID:1033
ID:008B
ID:1033
ID:008D
ID:1033
ID:00FB
ID:1033
ID:00FE
ID:1033
ID:00FF
ID:1033
RT_VERSION
ID:0001
ID:1033
aximp.exe.config
[Authenticode]_574320c9.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_5f8b16cf.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_STRING
ID:0007
ID:1033
RT_VERSION
ID:0001
ID:1033
[Authenticode]_5d4c336a.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
dasmhlp.cnt
DASMHLP.HLP
disco.exe
[Authenticode]_532e7849.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
.Net Resources
DiscoRes.resources
CommonResStrings.resources
disco.exe.config
isvtier5appsignsdk.cc
isvtier5appsignsdk.xml
isvtier5appsignsdk_client.xml
msrootpub1.dat
msrootpub2.dat
[Authenticode]_86e6b683.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.data
.pdata
consent
.rsrc
.reloc
Resources
MUI
ID:0001
ID:1033
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
RT_GROUP_CURSOR4
ID:006B
ID:1033
ID:006C
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
wmsgapi.dll
Malicious
Overlay_312d85e9.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
968fb8024ce201206d4f9c44c8492e0c (5.41 MB)
Characteristics
No malware configuration was found at this point.