Suspicious
Suspect

c060664821f70bb0406ac6591943a6e8

PE Executable
|
MD5: c060664821f70bb0406ac6591943a6e8
|
Size: 12.67 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
c060664821f70bb0406ac6591943a6e8
Sha1
e15f5c085bcca35e56dc27608cd2c923953948a4
Sha256
7b56bf129830c3a1545910ffb3acb0e4e0307aa53ec01b258eacd831fcaab71f
Sha384
5081c953f6643803e132b45c7635fd85a8477cdfad70f3a23ad9bb349fe0362dccb8b8450cc57778ee18abe6d2cc2fbc
Sha512
a352d5eb088f31206e8dbf43cddaa1111ba076b68d9ba58713789110fc26c410ff2590e05902713f6b65518c1e3abd4ba2c8860df02924d8a0eb6673abe3c51b
SSDeep
98304:kQgZdW5JUmAExyHoAQetMx/Yx2i7QGlve/h/xDt/0hNZslJ+FBoY56vdSnu1hSyp:kQke5A05AXFN3delxDtPAFGfcn+hr7mE
TLSH
35D68E239DD08274F5C651FE86FD3B6AC96D8A05033991C399C83C985B319E63A3E74B

PeID

MS Visual C++ v7.0 DLL
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ v6.0 DLL
Private EXE Protector V2.30-V2.3X -> SetiSoft Team
UPolyX 0.3 -> delikon
Visual C++ 2003 DLL -> Microsoft
Visual C++ 2005 DLL -> Microsoft
File Structure
c060664821f70bb0406ac6591943a6e8
[Authenticode]_0fb8ea44.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.unwante
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0xC11600 size 12008 bytes
Info

PDB Path: d:\OpenSourceProjs\wke-master\build\vs2008\Release_Cairo_CFLite\bin\wke.pdb
c060664821f70bb0406ac6591943a6e8 (12.67 MB)
File Structure
c060664821f70bb0406ac6591943a6e8
[Authenticode]_0fb8ea44.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.unwante
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙