Suspicious
Suspect

baf9949e853bc2a3479b10e6335e1bd2

AutoIt Compiled Script | MD5: baf9949e853bc2a3479b10e6335e1bd2 | Size: 1.46 MB | application/x-dosexec

Characteristics
Hash | Hash Value
MD5 | baf9949e853bc2a3479b10e6335e1bd2
Sha1 | 33bc48636e242db9bf5efbaebb53ef64b5f10276
Sha256 | 6aaa12302d88ebf9486d546f7c8c5ea0930ae6e5db2b70cbe0552dc3f57ee2e2
Sha384 | 1cb85e6a7287d61c3247c2b992e3f2da15e00258796c364a880335198c116c3c0dce7b41f2d549c503354b84082a1186
Sha512 | a5d705376cbec52d8d4ccce40803376870002d721bde052a1b917f0fa7b77a5a47bc7f0a09a9be31625bad52d7875e4d2471d3553cdde292b277b72e09fcc55b
SSDeep | 24576:IVD15G5gV/Sk60C2Vf6ugOFhmWGCPguQh7Xz8AFYklnresL7c/YyU:IRG6V/SkI2l6ieCIRn8AFYiCsc1U
TLSH | 966533D3456293A7DDA12876B4706B051FCF25247DC307BE479835783A33A909A1EB3E

PeID

Microsoft Visual C++ v6.0 DLL
Nullsoft PiMP Stub -> SFX
File Structure
  Overlay_656d32d2.bin
  Structure
    DosHeader
    PE Header
    Optional Header (x86)
    Section Headers
      .text
      .rdata
      .data
      .ndata
      .rsrc
  Resources
    RT_ICON
      ID:0001
        ID:1033
      ID:0002
        ID:1033
      ID:0003
        ID:1033
      ID:0004
        ID:1033
      ID:0005
        ID:1033
    RT_DIALOG
      ID:0069
        ID:1033
      ID:006A
        ID:1033
      ID:006F
        ID:1033
    RT_GROUP_CURSOR4
      ID:0067
        ID:1033
    RT_MANIFEST
      ID:0001
        ID:1033
Information
Name | Value
Info | PE Detect: PeReader OK (file layout)
Info | Overlay extracted: Overlay_656d32d2.bin (1040661 bytes)

No malware configuration was found at this point.