Suspicious
Suspect

ccd5c8a0773f505c25b754b8863b58f9

PE Executable
MD5: ccd5c8a0773f505c25b754b8863b58f9
Size: 5.27 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Hash
Hash Value
MD5
ccd5c8a0773f505c25b754b8863b58f9
Sha1
b2328a12714e7d26bf70a472a1d3a1b0361db9a9
Sha256
a32575ab0959baeec62fd4a7165667045ee10ba8e01b6ea883e4efc545dc65de
Sha384
d9142f951015705c55f7023836c9d5c7b54b467a490b373d33eab7f75ff72e997e4ae312c7970242c8412badf07a83f5
Sha512
f0c948ee035b2dee32f9f2b8ff72bcd77bd3f4544ae457b4cbb3e1ef9f6c4ea4fb0e43b101522b79f8dd9d3f838ec98c7afd24e92a97522675cd92d35f7c6826
SSDeep
12288:T1bLgmluCti62ybaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+D+dSNs5SQe:RbLgurihdmMSirYbcMNgef0pASk
TLSH
4136239676AC41F8C1162230D0B74631F6B77CBE21BE9B0FDB908A612D13791BB64F46

PeID

Microsoft Visual C++ 6.0
Microsoft Visual C++ 6.0 DLL
Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ v6.0 DLL
UPolyX 0.3 -> delikon
File Structure
Overlay_693e9af8.bin
Informations
Name
Value
Info

PE Detect: PeReader FAIL, AsmResolver Mapped OK

Info

Overlay extracted: Overlay_693e9af8.bin (3 bytes)

Info

Remap: Mapped -> FileLayout (RAM only) as [Rebuild from dump]_1ee5992c.exe

Artefacts
Name
Value
PE Layout

MemoryMapped (process dump suspected)

PE Layout

MemoryMapped (process dump suspected)

ccd5c8a0773f505c25b754b8863b58f9 (5.27 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙