Suspicious
Suspect

b2bac51c648da0bec4a858418b2ff45b

PE Executable
|
MD5: b2bac51c648da0bec4a858418b2ff45b
|
Size: 3.72 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
b2bac51c648da0bec4a858418b2ff45b
Sha1
d1c1b0788d5fb94044cd72bed2171a4e4f83d5a8
Sha256
a1fed92894c58eb43e6e87cd1c19cf6ad0b854fe6c8097823e42545f85b68ca2
Sha384
dbef7939ef66a4fff3f47cc221af8763b055572755e3b647ce97da0d047ef04473a4a5415933029028ffac33ee4c5dc0
Sha512
915e8abc3191b7edf0477f7e4a320304a7be5c8f5878d53cf2514a22d57226041a96451d22db703a1c0b0b3140eb4939641e89a79acc707ec4b091ded29b75cc
SSDeep
49152:WS0a7p4XWdQAxzNU2o4SCdDHyhXEDj2HKyCj:WhJTWRyE3SKyC
TLSH
75067D13BCA509E9C0AAA33289A642927B75BC590F3223D72E50B77C2F73BD09D75714

PeID

HQR data file
Microsoft Visual C++ v6.0 DLL
tElock 1.0 (private) -> tE!
tElock 1.0 (private) -> tE!
File Structure
b2bac51c648da0bec4a858418b2ff45b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.xdata
.idata
.reloc
.symtab
4
19
32
46
65
78
90
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Artefacts
Name
 Value
URLs in VB Code - #1

http://Player_APPDATAWindowsStartupcscriptnil
b2bac51c648da0bec4a858418b2ff45b (3.72 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙