Suspect
a01f2e58d64fb224b448a19100828d53
PE Executable | MD5: a01f2e58d64fb224b448a19100828d53 | Size: 4.95 MB | application/x-dosexec
PE Executable
MD5: a01f2e58d64fb224b448a19100828d53
Size: 4.95 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | a01f2e58d64fb224b448a19100828d53
|
| Sha1 | 19340c80e820a5a40f1dd04d489d846a33702c27
|
| Sha256 | aee7978dc8889e53d9cbd36ff78c5c26d92e52365591accc0a7ba2afbcc40dbf
|
| Sha384 | 5d71446ec7a746bea7d939ce93c418654cb75a72e676c3a91eaa70863cb81f25305704c9bdc3a8bc57061ad215cf3fbb
|
| Sha512 | 3865dbaec311344f509ef74839e622af4ccefa3784ede3c1e50c8b6cca9dc73613b0f7cdc46681ecb54ca16e7ab6540e937b7f9ac0d3ecbf588dac496c7e8885
|
| SSDeep | 98304:+pJHoLSblSMpjVj7WdUVBYBva+zDRf9DRl6R3dNx+fSOkDnlLN:+pJHBbNZB5BYBy+fRVD76R3Z+frG5
|
| TLSH | ED363351B752F4F7DA364236CF0AEF629176E7B3B2406F8B52A14E053C97351A20B4CA
|
PeID
Microsoft Visual C++
Microsoft Visual C++ 5.0
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ v6.0
Microsoft Visual C++ v6.0
Microsoft Visual C++ v6.0 DLL
File Structure
a01f2e58d64fb224b448a19100828d53
7z-stream @ 0x0002DF4A.7z
Klaert.wrc
Stor.kbp
[Authenticode]_a07c19bc.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_STRING
ID:003F
ID:1033
ID:0040
ID:1033
RT_VERSION
ID:0001
ID:1033
lib_TSCommunication_sdk.dll
[Authenticode]_ee48cbe1.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
lib_TSDeviceViewerSDK.dll
[Authenticode]_85e14468.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
[Authenticode]_f707a63e.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
[Authenticode]_de8df78c.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Overlay_14d011e1.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
Resources
RT_ICON
ID:0001
ID:1049
ID:0002
ID:1049
ID:0003
ID:1049
ID:0004
ID:1049
ID:0005
ID:1049
RT_GROUP_CURSOR4
ID:0065
ID:1049
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_14d011e1.bin (4766554 bytes) |
a01f2e58d64fb224b448a19100828d53 (4.95 MB)
File Structure
a01f2e58d64fb224b448a19100828d53
7z-stream @ 0x0002DF4A.7z
Klaert.wrc
Stor.kbp
[Authenticode]_a07c19bc.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_STRING
ID:003F
ID:1033
ID:0040
ID:1033
RT_VERSION
ID:0001
ID:1033
lib_TSCommunication_sdk.dll
[Authenticode]_ee48cbe1.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
lib_TSDeviceViewerSDK.dll
[Authenticode]_85e14468.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
[Authenticode]_f707a63e.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.tls
.00cfg
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:2052
[Authenticode]_de8df78c.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Overlay_14d011e1.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
Resources
RT_ICON
ID:0001
ID:1049
ID:0002
ID:1049
ID:0003
ID:1049
ID:0004
ID:1049
ID:0005
ID:1049
RT_GROUP_CURSOR4
ID:0065
ID:1049
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.