Characteristics
Hash | Hash Value |
---|---|
MD5 | 9d10d07c49f76a19b7c7b14b06a25385
Sha1 | 6bb94f89033a651f460e7d5a955cbf81d7698806
Sha256 | 98698d57d90e9a85ccadf6d9325ce0fc526a9730f0a4379dff4ecc6bac3b5062
Sha384 | c345da7c4ba7440639144800ab2cc0e8392f458884b964d3ba5204bb06324713df6301b99b89eda1b35a6afcf0a2dfdd
Sha512 | d20d6abead0115ad0e81ee7eb333c250fa13869688e0198000b41f90c64c17d701f9ad08b3f53e660cee8774654841ae78ceae553e0440a6511c68404ecffe4e
SSDeep | 196608:i9KN4F9TpZPU3NX/KioVkgZxDPgl/tNI2f5d/XFzKebOd5R/aE:iE4rTHcpKi+kMJP4lNI2f5d/XFKz/T
TLSH | 7BC6331D6FC4DCCB7A3A632F1E45D655FE74B01FB8506E8258E40C749C8ABCDA3AA016
File Structure
9d10d07c49f76a19b7c7b14b06a25385
Malicious
[Authenticode]_c1c2bf33.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
ID:0011
ID:1033
ID:0012
ID:1033
ID:0013
ID:1033
ID:0014
ID:1033
ID:0015
ID:1033
ID:0016
ID:1033
ID:0017
ID:1033
ID:0018
ID:1033
ID:0019
ID:1033
ID:001A
ID:1033
ID:001B
ID:1033
ID:001C
ID:1033
ID:001D
ID:1033
ID:001E
ID:1033
ID:001F
ID:1033
ID:0020
ID:1033
ID:0021
ID:1033
ID:0022
ID:1033
ID:0023
ID:1033
ID:0024
ID:1033
ID:0025
ID:1033
ID:0026
ID:1033
ID:0027
ID:1033
ID:0028
ID:1033
ID:0029
ID:1033
ID:002A
ID:1033
ID:002B
ID:1033
ID:002C
ID:1033
ID:002D
ID:1033
ID:002E
ID:1033
ID:002F
ID:1033
ID:0030
ID:1033
ID:0031
ID:1033
ID:0032
ID:1033
ID:0033
ID:1033
ID:0034
ID:1033
RT_STRING
ID:0007
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:1033
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
ID:0011
ID:1033
ID:0012
ID:1033
ID:0013
ID:1033
ID:0014
ID:1033
ID:0015
ID:1033
ID:0016
ID:1033
ID:0017
ID:1033
ID:0018
ID:1033
RT_VERSION
ID:0001
ID:1033
[Authenticode]_a07c19bc.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_STRING
ID:003F
ID:1033
ID:0040
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Dienkroonklaed.xac
[Authenticode]_cfaf5b58.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
lib_docx_repair.dll
[Authenticode]_81f67894.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
lib_imgs_to_doc.dll
Malicious
[Authenticode]_8fd8c94e.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
lib_pdf_repair.dll
[Authenticode]_29a84413.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
[Authenticode]_4204ca09.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
lib_TSCommunication_sdk.dll
[Authenticode]_ee48cbe1.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
[Authenticode]_3beff48c.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
Tealgro.ioqv
[Authenticode]_de8df78c.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_f8e20149.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
_RDATA
.rsrc
.reloc
Resources
RT_STRING
ID:003F
ID:1033
ID:007E
ID:1033
ID:007F
ID:1033
ID:00BC
ID:1033
ID:00BD
ID:1033
RT_VERSION
ID:0001
ID:1033
updater
[Authenticode]_16480133.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:1033-preview.png
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
RT_GROUP_CURSOR4
ID:0098
ID:1033
RT_VERSION
ID:0001
ID:1033
manager
ks_tyres.ini
x64
tradingnetworkingsockets.dll
[Authenticode]_cb3b0570.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
_RDATA
.rsrc
.reloc
Resources
WEVT_TEMPLATE
ID:0001
ID:4147
[Authenticode]_d967d35e.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
SCID
ID:0000
ID:0
RT_VERSION
ID:0001
ID:0
ID:1033
x86
api-ms-win-core-processthreads-l1-1-1.dll
[Authenticode]_43d98961.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-profile-l1-1-0.dll
[Authenticode]_6ca78227.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-rtlsupport-l1-1-0.dll
[Authenticode]_e2a8925c.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-string-l1-1-0.dll
[Authenticode]_c51c8bac.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-synch-l1-1-0.dll
[Authenticode]_9cd9ead8.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-synch-l1-2-0.dll
[Authenticode]_4401f3c0.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-sysinfo-l1-1-0.dll
[Authenticode]_f6f30feb.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-timezone-l1-1-0.dll
[Authenticode]_2b6539aa.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-core-util-l1-1-0.dll
[Authenticode]_849e1860.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-conio-l1-1-0.dll
[Authenticode]_59c3b2e0.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-convert-l1-1-0.dll
[Authenticode]_9162a078.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-environment-l1-1-0.dll
[Authenticode]_a6e64b23.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-filesystem-l1-1-0.dll
[Authenticode]_f08a67ea.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-heap-l1-1-0.dll
[Authenticode]_91fbe78d.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-locale-l1-1-0.dll
[Authenticode]_372005a9.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-math-l1-1-0.dll
[Authenticode]_79edf4d2.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-multibyte-l1-1-0.dll
[Authenticode]_5741d0b2.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-private-l1-1-0.dll
[Authenticode]_3083cfb4.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
api-ms-win-crt-process-l1-1-0.dll
[Authenticode]_fbcfda57.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.rsrc
Resources
RT_VERSION
ID:0001
ID:1033
9d10d07c49f76a19b7c7b14b06a25385 (11.52 MB)
Characteristics
No malware configuration was found at this point.