Suspicious
Suspect

b8fcb70a213f704b34e9d8b02dc999e9

Share on LinkedIn
Print
PE Executable
MD5: b8fcb70a213f704b34e9d8b02dc999e9
Size: 3.09 MB
application/x-dosexec

Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.

AI analysis is available with Essential.
Unlock with Essential
MD5 b8fcb70a213f704b34e9d8b02dc999e9
Sha1 ec81a224593ec50b0d8e6fcb90db8b0267a599a7
Sha256 afa29623a6c0dcaa52cfb219e5f2c0fb880f9f6b76fff345a5a067dcf8e2b891
Sha384 5bc7632df51ad4a3f511ef1bdc80e95816a75c278733707612fa46e76d8c129057066b783529a59258493ce67b79d778
Sha512 77b76d1f673a1540ce9112fa076efd2cd336409556e1730eb85a6aa6be67760db497462265795c8eee42f665123e6d4e827b3ae234e066f3d7a06bd624c740d0
SSDeep 49152:BG7rag7Sx0pgEeIRBeCYM4tdYzOBmfq/RxlaKqZ1bqTr5H+oaeyWwJ:EaNxxDIfeCYMmYKBmfmTlVEhUrBKBWC
TLSH 5AE501527F00E502C6861E72CEA4D7F85321FC8CDA99A38730E2AE5BBDED6D35D11294
PeID
Private EXE Protector V2.30-V2.3X -> SetiSoft TeamRPolyCryptor V1.4.2 -> Vaskax64 Themida / Winlicense v3.0.x.0 PACKED sign ASL
[Authenticode]_c20d22d8.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rsrc
.idata
.themida
.boot
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0-preview.png
ID:0003
ID:0
ID:0-preview.png
ID:0004
ID:0
ID:0-preview.png
ID:0005
ID:0
ID:0-preview.png
ID:0006
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:2052
STICH beta

No STICH Path has been generated for this analysis yet.

3 structural branches were classified as secondary (decorative or non-determinant content) and did not produce a fingerprint.

bin 2img 1
Name Value
Info
PE Detect: PeReader OK (file layout)
Info
Authenticode present at 0x2EE200 size 17616 bytes
An error has occurred. This application may no longer respond until reloaded. Reload 🗙