General
Structural Analysis
Config.0
Yara Rules99+
Sync
Community
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | a77522fcddd2b67efbc64deb3279a674
|
| Sha1 | 8aa4b0fb8d6256dae8a9426722a5bb7865a3d6b1
|
| Sha256 | 17355179730a16c9a1e4e81b747ae084618c2210c11dcb78b291ca757dacc853
|
| Sha384 | 7526ecac945937cff8bf579ac6e6efb73257c8b0e73132cdbce1ea2ade9979488b61ed2e074cb439406dee1c7ad7e002
|
| Sha512 | 9a77836253146cd359995c92b61ea21a593527c98bb504e5956c1b61be902c8d7009ebe1e34e42a346d2804d2ff6f94ba5056081a2ef9336128e4bae3e04cae0
|
| SSDeep | 49152:dISMOznnAs/VWo2y/Yj/mayzMAOTO67Ov2Int6BQWP516QRY25dU:dIQD5/cRVOxM7Ov22sBz16QK25dU
|
| TLSH | ACB533ED9E0290D03A6BC72C3070108124299F65F5276E2A3A947FDE5BC1A265D73FD7
|
File Structure
a77522fcddd2b67efbc64deb3279a674
AppSuite-PDF
Root Entry
䡀䌏䈯
䡀㲞䈝䗻
䡀䈖䌧䠤
䡀䌋䄱䜵
䡀䌍䏤䊲
䡀㬿䏲䐸䖱
䡀㽿䅤䈯䠶
䡀䈏䗤䕸䠨
䡀䋌䆨㫮䛲
䡀䒌䗱䒵䠯
䡀䓞䕪䇤䠨
䡀䕙䓲䕨䜷
䡀䈝䗻䗜䏼䠨
䡀䌍䈵䗦䕲䠼
䡀䒌䓰䑲䑨䠷
䡀㼿䕷䑬㭪䗤䠤
䡀㼿䕷䑬㹪䒲䠯
䡀㿿䏤䇬䗤䒬䠱
䡀䄛䌧㫲䗸䒷䠱
䡀䒌䗱䒵㮯䈹䗱
䡀䖖㯬䏬㱨䖤䠫
䡀䘌䗶䐲䆊䌷䑲
䡀䙎䑨㶷䓤䌳䊱
㭙㢏㮀䌧䒷䞵䄦䠥
Program.cs_4056852896
䡀䖖㮬䅰䇨䈧㾧䠒
[Authenticode]_24e7d985.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
䡀䇊䌰㾱㼒䔨䈸䆱䠨
䡀䒌䗱䒵㬯䑲䌧䌷䑲
䌋䄱䜵䀾䛬㲞㫿䓰㷿䚨
䌋䄱䜵䀾䛬㲞㫿䓰㾿䠳
䡀䈏䗤䕸㬨䐲䒳䈱䗱䠶
䡀䑒䗶䏤㾯㼒䔨䈸䆱䠨
䌋䄱䜵䀾䛬㲞㲿䒦㲿䉱䠲
䌋䄱䜵䀾䛬䋜䕤䟳㲞䈝䗻
䡀䇊䌰㮱䈻䘦䈷䈜䘴䑨䈦
䡀䇊䗹䛎䆨䗸㼨䔨䈸䆱䠨
䌋䄱䜵䀾䛬㲞㫿䓰㫿䑤䈱䠵
䌋䄱䜵䀾䛬㲞㫿䓰㭿䄬䒯䠪
䌋䄱䜵䀾䛬㲞㲿䒦㮿䆻䄯䠰
䡀䑒䗶䏤㮯䈻䘦䈷䈜䘴䑨䈦
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䄋䑱䕨
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䄋䑱䕨-preview.png
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䌍䏤䊲
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䌍䏤䊲-preview.png
䌋䄱䜵䀾䛬䋜䕤䟳䌕䈦䆱㯨䏬䠨
DigitalSignature
SummaryInformation
䖖㮬䅰䇨䈧㾧䞒䌠㼻䄫䓵㮿䅰䇨䈧㾧䟒䖊䠰
Overlay_97198cb9.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
ID:1033
䌋䄱䜵䀾䛬䋜䕤䟳䑒䗬䘛䗱䐬䟨䆊䌷䑲㯿䏬䠨
Overlay_52276732.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
WixToolset.Dtf.WindowsInstaller.dll
[Authenticode]_114ee7b6.p7b
MsiDigitalSignatureEx
WixSharp.UI.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
.Net Resources
WixSharp.UI.Forms.InstallScopeDialog.resources
WixSharp.UI.ManagedUI.Resources.resources
WixSharpUI_Bmp_Banner
[NBF]root.Data
WixSharpUI_Bmp_Dialog
[NBF]root.Data
WixUI_en_us
wixui_zip
WixUI_Advanced.wxs
WixUI_ar-SA.wxl
WixUI_bg-BG.wxl
WixUI_ca-ES.wxl
WixUI_cs-CZ.wxl
WixUI_da-DK.wxl
WixUI_de-de.wxl
WixUI_el-GR.wxl
WixUI_es-es.wxl
WixUI_et-EE.wxl
WixUI_FeatureTree.wxs
WixUI_fi-FI.wxl
WixUI_fr-fr.wxl
WixUI_he-IL.wxl
WixUI_hi-IN.wxl
WixUI_hr-HR.wxl
WixUI_hu-HU.wxl
WixUI_InstallDir.wxs
WixUI_it-it.wxl
WixUI_ja-jp.wxl
WixUI_kk-KZ.wxl
WixUI_ko-KR.wxl
WixUI_lt-LT.wxl
WixUI_lv-LV.wxl
WixUI_Minimal.wxs
WixUI_Mondo.wxs
WixUI_nb-NO.wxl
WixUI_nl-NL.wxl
WixUI_pl-pl.wxl
WixUI_pt-BR.wxl
WixUI_pt-PT.wxl
WixUI_ro-RO.wxl
WixUI_ru-ru.wxl
WixUI_sk-SK.wxl
WixUI_sl-SI.wxl
WixUI_sr-Latn-CS.wxl
WixUI_sv-SE.wxl
WixUI_th-TH.wxl
WixUI_tr-TR.wxl
WixUI_uk-UA.wxl
WixUI_zh-CN.wxl
WixUI_zh-HK.wxl
WixUI_zh-TW.wxl
EmbeddedUI.config
S3.exe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
S3.g.resources
WixSharp.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
.Net Resources
WixSharp.Nsis.macros.nsh
WixSharp.Bootstrapper.runtime.win_x86.mbanative.dll
[Authenticode]_4888d895.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
WixSharp.UI.WPF.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
WixSharp.UI.WPF.g.resources
WixToolset.Dtf.WindowsInstaller.dll
[Authenticode]_19ac9cc9.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
WixToolset.Dtf.WindowsInstaller.Errors.resources
WixToolset.Mba.Core.dll
[Authenticode]_695e8be8.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Program.cs_4056852896
Artefacts
|
Name0 | Value |
|---|---|
| PE Layout | MemoryMapped (process dump suspected) |
a77522fcddd2b67efbc64deb3279a674 (2.32 MB)
File Structure
a77522fcddd2b67efbc64deb3279a674
AppSuite-PDF
Root Entry
䡀䌏䈯
䡀㲞䈝䗻
䡀䈖䌧䠤
䡀䌋䄱䜵
䡀䌍䏤䊲
䡀㬿䏲䐸䖱
䡀㽿䅤䈯䠶
䡀䈏䗤䕸䠨
䡀䋌䆨㫮䛲
䡀䒌䗱䒵䠯
䡀䓞䕪䇤䠨
䡀䕙䓲䕨䜷
䡀䈝䗻䗜䏼䠨
䡀䌍䈵䗦䕲䠼
䡀䒌䓰䑲䑨䠷
䡀㼿䕷䑬㭪䗤䠤
䡀㼿䕷䑬㹪䒲䠯
䡀㿿䏤䇬䗤䒬䠱
䡀䄛䌧㫲䗸䒷䠱
䡀䒌䗱䒵㮯䈹䗱
䡀䖖㯬䏬㱨䖤䠫
䡀䘌䗶䐲䆊䌷䑲
䡀䙎䑨㶷䓤䌳䊱
㭙㢏㮀䌧䒷䞵䄦䠥
Program.cs_4056852896
䡀䖖㮬䅰䇨䈧㾧䠒
[Authenticode]_24e7d985.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
䡀䇊䌰㾱㼒䔨䈸䆱䠨
䡀䒌䗱䒵㬯䑲䌧䌷䑲
䌋䄱䜵䀾䛬㲞㫿䓰㷿䚨
䌋䄱䜵䀾䛬㲞㫿䓰㾿䠳
䡀䈏䗤䕸㬨䐲䒳䈱䗱䠶
䡀䑒䗶䏤㾯㼒䔨䈸䆱䠨
䌋䄱䜵䀾䛬㲞㲿䒦㲿䉱䠲
䌋䄱䜵䀾䛬䋜䕤䟳㲞䈝䗻
䡀䇊䌰㮱䈻䘦䈷䈜䘴䑨䈦
䡀䇊䗹䛎䆨䗸㼨䔨䈸䆱䠨
䌋䄱䜵䀾䛬㲞㫿䓰㫿䑤䈱䠵
䌋䄱䜵䀾䛬㲞㫿䓰㭿䄬䒯䠪
䌋䄱䜵䀾䛬㲞㲿䒦㮿䆻䄯䠰
䡀䑒䗶䏤㮯䈻䘦䈷䈜䘴䑨䈦
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䄋䑱䕨
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䄋䑱䕨-preview.png
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䌍䏤䊲
䌋䄱䜵䀾䛬䋜䕤㾳䟒䐋䟳䌍䏤䊲-preview.png
䌋䄱䜵䀾䛬䋜䕤䟳䌕䈦䆱㯨䏬䠨
DigitalSignature
SummaryInformation
䖖㮬䅰䇨䈧㾧䞒䌠㼻䄫䓵㮿䅰䇨䈧㾧䟒䖊䠰
Overlay_97198cb9.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
ID:1033
䌋䄱䜵䀾䛬䋜䕤䟳䑒䗬䘛䗱䐬䟨䆊䌷䑲㯿䏬䠨
Overlay_52276732.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
WixToolset.Dtf.WindowsInstaller.dll
[Authenticode]_114ee7b6.p7b
MsiDigitalSignatureEx
WixSharp.UI.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
.Net Resources
WixSharp.UI.Forms.InstallScopeDialog.resources
WixSharp.UI.ManagedUI.Resources.resources
WixSharpUI_Bmp_Banner
[NBF]root.Data
WixSharpUI_Bmp_Dialog
[NBF]root.Data
WixUI_en_us
wixui_zip
WixUI_Advanced.wxs
WixUI_ar-SA.wxl
WixUI_bg-BG.wxl
WixUI_ca-ES.wxl
WixUI_cs-CZ.wxl
WixUI_da-DK.wxl
WixUI_de-de.wxl
WixUI_el-GR.wxl
WixUI_es-es.wxl
WixUI_et-EE.wxl
WixUI_FeatureTree.wxs
WixUI_fi-FI.wxl
WixUI_fr-fr.wxl
WixUI_he-IL.wxl
WixUI_hi-IN.wxl
WixUI_hr-HR.wxl
WixUI_hu-HU.wxl
WixUI_InstallDir.wxs
WixUI_it-it.wxl
WixUI_ja-jp.wxl
WixUI_kk-KZ.wxl
WixUI_ko-KR.wxl
WixUI_lt-LT.wxl
WixUI_lv-LV.wxl
WixUI_Minimal.wxs
WixUI_Mondo.wxs
WixUI_nb-NO.wxl
WixUI_nl-NL.wxl
WixUI_pl-pl.wxl
WixUI_pt-BR.wxl
WixUI_pt-PT.wxl
WixUI_ro-RO.wxl
WixUI_ru-ru.wxl
WixUI_sk-SK.wxl
WixUI_sl-SI.wxl
WixUI_sr-Latn-CS.wxl
WixUI_sv-SE.wxl
WixUI_th-TH.wxl
WixUI_tr-TR.wxl
WixUI_uk-UA.wxl
WixUI_zh-CN.wxl
WixUI_zh-HK.wxl
WixUI_zh-TW.wxl
EmbeddedUI.config
S3.exe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
S3.g.resources
WixSharp.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
.Net Resources
WixSharp.Nsis.macros.nsh
WixSharp.Bootstrapper.runtime.win_x86.mbanative.dll
[Authenticode]_4888d895.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
WixSharp.UI.WPF.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
WixSharp.UI.WPF.g.resources
WixToolset.Dtf.WindowsInstaller.dll
[Authenticode]_19ac9cc9.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
WixToolset.Dtf.WindowsInstaller.Errors.resources
WixToolset.Mba.Core.dll
[Authenticode]_695e8be8.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Program.cs_4056852896
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PE Layout | MemoryMapped (process dump suspected) |
a77522fcddd2b67efbc64deb3279a674 > AppSuite-PDF > Root Entry > 䌋䄱䜵䀾䛬䋜䕤䟳䑒䗬䘛䗱䐬䟨䆊䌷䑲㯿䏬䠨 > WixToolset.Dtf.WindowsInstaller.dll |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.