Suspect
abf4a1bac5f0740f36e9d204e8d96b99
GZIP Archive | MD5: abf4a1bac5f0740f36e9d204e8d96b99 | Size: 803.15 KB | application/gzip
Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | abf4a1bac5f0740f36e9d204e8d96b99 |
| Sha1 | 386b255d96dbe4c17fbef08163701eb731c8df1c |
| Sha256 | 74d3058d4b75bf4bd0cb223a8d1f7459b86c08a4ccde6064517ecacc4379fa83 |
| Sha384 | 181b899adc19e822e03c155622b3ff41e8e4a5390d27b28b66524fdda5a968a262d72fcef618b4ec623c5abce3eeb458 |
| Sha512 | 5074cd71771aa10077f6779dd56587ffd5111375f09fccdc360a1269b29c4f8429f03d163db1168cf4a4f7211c73c87d417a3a7bbe74894ce8a748108456252c |
| SSDeep | 24576:vXIwxfX+hMzciF9a4KAhNCUwbWsFHXZU1CD:vXpFX+KzDF9a4KWCvWsBXZX |
| TLSH | 8F053348DAD95E53913BD6200E36337EE538189AF1EB4DC714E7C699EBC3DEAE040A05 |
File Structure
abf4a1bac5f0740f36e9d204e8d96b99
DHL KULI500796821_PO2208129_SCAN.exe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
XAMPP.CreateAccountForm.resources
XAMPP.LoginForm.resources
$this.Icon
[NBF]root.IconData
Arch
[NBF]root.Data
backgroundWorker1.TrayLocation
backgroundWorker2.TrayLocation
backgroundWorker3.TrayLocation
XAMPP.Form10.resources
button2.Image
[NBF]root.Data
[NBF]root.Data-preview.png
XAMPP.Form7.resources
button1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
XAMPP.Properties.Resources.resources
20409198
[NBF]root.Data
[NBF]root.Data-preview.png
LOg outd
[NBF]root.Data
[NBF]root.Data-preview.png
Log out
[NBF]root.Data
[NBF]root.Data-preview.png
Next
[NBF]root.Data
[NBF]root.Data-preview.png
WhatsApp Image 2024-07-03 at 12.11.07 PM
[NBF]root.Data
[NBF]root.Data-preview.png
back
[NBF]root.Data
[NBF]root.Data-preview.png
close
[NBF]root.Data
[NBF]root.Data-preview.png
flat-lay-pills-stethoscope-arrangement (1)
[NBF]root.Data
[NBF]root.Data-preview.png
icons8-end-button-50
[NBF]root.Data
[NBF]root.Data-preview.png
icons8-power-off-button
[NBF]root.Data
[NBF]root.Data-preview.png
logout
[NBF]root.Data
[NBF]root.Data-preview.png
logout_1
[NBF]root.Data
[NBF]root.Data-preview.png
next12e
[NBF]root.Data
[NBF]root.Data-preview.png
previous
[NBF]root.Data
[NBF]root.Data-preview.png
xbF
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration was found at this point.