Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | c8e35461eabb266d1d64be4e1466b34a |
| Sha1 | 085347486996fdb6b324392a18b1adec861ee586 |
| Sha256 | 09568422f2f97358c64faf720ef846bcc018c2d3400620800d418e340cb93f11 |
| Sha384 | 4cd8e7d6f3c56e9324cfbef65a98a32a8d5b1b6bdabf76954985c17e4e04fd7940ca1d20e7f030172c6fa97ff8fd8cd8 |
| Sha512 | f3bc62fe06add4ddbd7343e06cd012d7e20ed83e027855b898bbc86ce3ab34e6075dacc5e0527aaa3b600e67f784813a1d50ee9d611d832988432c5384e38e52 |
| SSDeep | 196608:6DLzhhUD5yJOg7BDryx1GcoooekR3vvQMOFiL:g/hhVJlRboyH7 |
| TLSH | 4B763319B60FDCF4F387703C59EF60A685315AE9E89686CC47AE6A5E087344BC43B14E |
PeID
Microsoft Visual C++ v6.0 DLL
UPolyX 0.3 -> delikon
File Structure
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rsrc
.idata
zmuivsfv
xkvwhfbn
.pdata
.taggant
Resources
RT_MANIFEST
ID:0001
ID:0
ID:1033
Malware Configuration - URLs in VBA/VBS Code
| Config. Field | Value |
|---|---|
| URL #1 | http://schemas.microsoft.com/SMI/2016/WindowsSettings |
| URL #2 | http://schemas.microsoft.com/SMI/2019/WindowsSettings |
c8e35461eabb266d1d64be4e1466b34a (7.63 MB)