Malicious
Malicious

c510e576100af1a700d5028e7278482c

PE Executable
|
MD5: c510e576100af1a700d5028e7278482c
|
Size: 655.36 KB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
c510e576100af1a700d5028e7278482c
Sha1
02363c2855887e0c951904a2788413332c8f771d
Sha256
0ff2942601a42220b5dc6efd49f1cb98f51fd5028e73574eb76ceba501092536
Sha384
7971dc39b40f2df18bb69fff513b72a73a95155f2292fd3b99bbefb466d6d240c16c016c7498ddc2b81e530906800dbb
Sha512
5054d7b8d2b93e3d1bf9b844497f61120c73df1833ed4cabedb51b27be71b2fa790f97b760f02157f6316ec623c6083e24e67ee4c9dfad8ae8445874388686fa
SSDeep
12288:FsjCF2QZiOU+4zX7wM45QygROD22O3ZGdZD7AyyymI:FOC39Uv7V4WnROD22cqD7YI
TLSH
B5D4CF0AFA5381A1E809083714EAF77B1630AE174725CEC7EBC0FB98AC77BD16579506

PeID

Microsoft Visual C++ v6.0 DLL
File Structure
c510e576100af1a700d5028e7278482c
Malicious
[Authenticode]_874623c1.p7b
Overlay_0fb76dc6.bin
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.X2"*
.d>ir
.1
.T:O
.b9"g9Y
.LJn
.'
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
RT_MENU
ID:008D
ID:1033
ID:0169
ID:1033
ID:026D
ID:1033
ID:0305
ID:1033
RT_DIALOG
ID:004C
ID:1033
RT_RCDATA
ID:0064
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x39400 size 7801 bytes
Info

Overlay extracted: Overlay_0fb76dc6.bin (413056 bytes)
Artefacts
Name
 Value
LummaEncrypted@00039526 [070615000000]


LummaEncrypted@00039535 [120614235959]

K_
LummaEncrypted@000398DD [031204000000]


LummaEncrypted@000398EC [131203235959]

JK
LummaEncrypted@00039C78 [040716000000]


LummaEncrypted@00039C87 [140715235959]

M^
LummaEncrypted@0003A191 [090211000000]


LummaEncrypted@0003A1A0 [120211235959]

K[
LummaEncrypted@0003A892 [090213104341]

JC
LummaEncrypted@000404B6 [2DF8D04C]

LummaEncrypted@00040DC5 [00000000]

LummaEncrypted@00040DDD [000000000000]

LummaEncrypted@00041205 [00000000]

LummaEncrypted@00041268 [8D8F21B62347274727422C422C]

????? ??
LummaEncrypted@0004128A [1A18B6495E665E66A19A5F663902363B9B9748CDA72598CF02BBF20C3D372E810F1D404791]

D~?/???/#?r?????=.??DE'/????
LummaEncrypted@000412DB [A7A50BDC15E4A3E5A3E5A3]

?A?9@?
LummaEncrypted@0004130E [00000001]

LummaEncrypted@00041318 [3832D640]

LummaEncrypted@00041330 [00A0C911005A]

LummaEncrypted@00041344 [00000000]

LummaEncrypted@00094C17 [0123456789abcdef]

????
LummaEncrypted@00094C2A [0123456789ABCDEF]

????
LummaEncrypted@00094C3F [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????
LummaEncrypted@00095F2F [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????
LummaEncrypted@0009668B [000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF]

  $$$$((((,,,,000044448888<<<<@@@@DDDDHHHHLLLLPPPPTTTTXXXX\\\\````ddddhhhhllllppppttttxxxx||||????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
LummaEncrypted@00096FF0 [0123456789ABCDEF]

????
LummaEncrypted@00097018 [7567fff5468f5b682780aea4c2eb6266]

3???R?QQ????
LummaEncrypted@00005236 [2DF8D04C]

LummaEncrypted@00005B45 [00000000]

LummaEncrypted@00005B5D [000000000000]

LummaEncrypted@00005F85 [00000000]

LummaEncrypted@00005FE8 [8D8F21B62347274727422C422C]

????? ??
LummaEncrypted@0000600A [1A18B6495E665E66A19A5F663902363B9B9748CDA72598CF02BBF20C3D372E810F1D404791]

D~?/???/#?r?????=.??DE'/????
LummaEncrypted@0000605B [A7A50BDC15E4A3E5A3E5A3]

?A?9@?
LummaEncrypted@0000608E [00000001]

LummaEncrypted@00006098 [3832D640]

LummaEncrypted@000060B0 [00A0C911005A]

LummaEncrypted@000060C4 [00000000]

LummaEncrypted@00059997 [0123456789abcdef]

????
LummaEncrypted@000599AA [0123456789ABCDEF]

????
LummaEncrypted@000599BF [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????
LummaEncrypted@0005ACAF [00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899]

 $$$$((22226666::@@@@DDDDHHRRRRVVVVZZ````ddddhhrrrrvvvvzz????????????????????
LummaEncrypted@0005B40B [000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF]

  $$$$((((,,,,000044448888<<<<@@@@DDDDHHHHLLLLPPPPTTTTXXXX\\\\````ddddhhhhllllppppttttxxxx||||????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
LummaEncrypted@0005BD70 [0123456789ABCDEF]

????
LummaEncrypted@0005BD98 [7567fff5468f5b682780aea4c2eb6266]

3???R?QQ????
c510e576100af1a700d5028e7278482c (655.36 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙