Suspect
af0854db00713cb91b6ff30dc93fc5d8
PE Executable | MD5: af0854db00713cb91b6ff30dc93fc5d8 | Size: 22.9 MB | application/x-dosexec
Summary by MalvaGPT
Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | af0854db00713cb91b6ff30dc93fc5d8 |
| Sha1 | 5334fff6c62ba810f5ad66add2ea14bfa9de4acb |
| Sha256 | abad3e70da1afa3c8a34ee02e658004e254bc140caf873d6a62d8deeeb9d934d |
| Sha384 | e2cde8409447cab5244e01509cec496fdb59f98b215bcacda8dcd741c5dc98425aeb8d1196e66cbaab8a75705bcff117 |
| Sha512 | 6b0794db02653277051cd31fc4b0346ccbe9498d9f31716d5c30fbd98cb2c37d50468d701937b08d11ec8947c077736b2cb2b7d59bfb794ecb2156451b601897 |
| SSDeep | 393216:FkPLbrZpaWM+yRXROscOwDp4R0r+4aVZkeV72962VW2dpcfgB3nUTiUhQ5:FkDhpaWM+ikscOip40nbe9B2Uf8nU7 |
| TLSH | 9537336D5460943BDED266F8E35D4377EAEB17F96A678C6D3A4A30CF4007BC0A11231A |
PeID
Microsoft Visual C++ v6.0 DLL
UPolyX 0.3 -> delikon
File Structure
af0854db00713cb91b6ff30dc93fc5d8
[NSIS Installer] @ #0000A608
nsis7z.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
7z-stream @ 0x0000AE2E.7z
1FILE.1A.gpg
2FILE.1A.gpg
3FILE.1A.gpg
4FILE.1A.gpg
5FILE.1A.gpg
[Authenticode]_ea479c5d.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.idata
.CRT
.tls
.rsrc
4
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
[Authenticode]_e21113e1.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.idata
.CRT
.tls
.rsrc
4
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
[Authenticode]_4b82cb7a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.edata
.idata
.CRT
.tls
.rsrc
.reloc
4
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_234ed489.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.edata
.idata
.CRT
.tls
.rsrc
.reloc
4
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_60cbb70e.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.edata
.idata
.CRT
.tls
.rsrc
.reloc
4
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
[Authenticode]_f6846226.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.edata
.idata
.CRT
.tls
.rsrc
.reloc
4
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_e7718b54.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.edata
.idata
.CRT
.tls
.reloc
4
[Authenticode]_64495e21.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.rdata
.bss
.edata
.idata
.CRT
.tls
.rsrc
.reloc
4
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_eb725323.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Information
| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Authenticode present at 0x15D53A0 size 11472 bytes |
No malware configuration was found at this point.