Suspicious
Suspect

98fa1bca9aa27ad3ba7d9770f2dd6d91

PE Executable
|
MD5: 98fa1bca9aa27ad3ba7d9770f2dd6d91
|
Size: 23.98 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
98fa1bca9aa27ad3ba7d9770f2dd6d91
Sha1
122d4a0a9433bfc8744624a37fdf2cc70555f6e2
Sha256
a78ffd85baef5049b36b9e694d41509aa3c9308a1ec5294c0ab5ae97eb95b18d
Sha384
c3a5270f9201c4c5c0ef8b95359cdcacd5e3148cd9ee70407ee9e132a7266905007131680b20662b0d5c492a5ce0a81c
Sha512
801d74faec91ca86cb9ec7de1a4eb0b6b293393935c3f79a62a0b33343714042c74a9b463fe964c287d9245a9d221161b61d1413c0f93ae69407daed39e69771
SSDeep
196608:ZxzGEX79dQtIOcFf/qfeaphlLtI6fWeYTmKq5ES5kG6B6/UyCdiFf7z:Cq79sIOU323lLUHC6SiGRMyCoh
TLSH
C8379E27B7A805A5D077C07CC5979B56DAB2785507308BDB03A18B6E2F27BE00E3B761

PeID

MASM/TASM - sig4 (h)
Microsoft Visual C++ 8.0 (DLL)
Microsoft Visual C++ v6.0 DLL
Pe123 v2006.4.4-4.12
Private EXE Protector V2.30-V2.3X -> SetiSoft Team
File Structure
98fa1bca9aa27ad3ba7d9770f2dd6d91
7z-stream @ 0x005B4ABA.7z
Overlay_500997eb.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1024
ID:1024-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
ID:0011
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1024
RT_MANIFEST
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Overlay extracted: Overlay_500997eb.bin (23591353 bytes)
Info

PDB Path: D:\Projects\WinRAR\SFX\build\sfxzip64\Release\sfxzip.pdb
98fa1bca9aa27ad3ba7d9770f2dd6d91 (23.98 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙