Suspicious
Suspect

ccf99882b9a93b563e15dc10aecdbcd7

PE Executable
|
MD5: ccf99882b9a93b563e15dc10aecdbcd7
|
Size: 2.99 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
ccf99882b9a93b563e15dc10aecdbcd7
Sha1
b76bad68e641846c9e03a1a4febfc44e8a017700
Sha256
c8f95f93dbe96e81c0fa3a702fdd72c1a8082a20e2dd1b350d1926859e32b583
Sha384
8f4ec412af088207f6a60df600dc5a9199b4d3f8ac27d1fb2207cb1ca4bbaf31100df78bfcdaa15b5b6108e545190872
Sha512
0a142543a123f996cca32229bcbff8fbb4f6b57be91e1b2fe0e33986c1e30f295e09c6fe1f9417094f21eaf07f353a7fe68d6a7cc3697f1d63f3927458c49323
SSDeep
49152:aF4IT4jtErHdEipZxFNdxOgDl8nGcQaYBfJFg0NbdJdqE:S49EtpbFNqG8shF9J8E
TLSH
2FD500E5FE28459ED68482721CA7B038C5B07F742BA2905F25DC3ACA07710937F3A979

PeID

RPolyCryptor V1.4.2 -> Vaska
x64 Themida / Winlicense v3.0.x.0 PACKED sign ASL
File Structure
ccf99882b9a93b563e15dc10aecdbcd7
[Authenticode]_e99ad76b.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.bss
.rsrc
.idata
.themida
.boot
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
ID:0008
ID:0
ID:0009
ID:0
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x2D7E00 size 10304 bytes
ccf99882b9a93b563e15dc10aecdbcd7 (2.99 MB)
File Structure
ccf99882b9a93b563e15dc10aecdbcd7
[Authenticode]_e99ad76b.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.bss
.rsrc
.idata
.themida
.boot
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
ID:0008
ID:0
ID:0009
ID:0
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙