General
Structural Analysis
Config.0
Yara Rules29
Sync
Community
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | d2d5408177eeb1187fa3c4eda27021de
|
| Sha1 | cfc1fc6848de2fd502ee2b257c3542779f3fcba7
|
| Sha256 | 12e2c5f3ef83bca517735a1746d53c3530336204a0ef273402aa46c915d1607e
|
| Sha384 | 9bf855e10c421cd226d85bff67fceb602879da3e9f0601b3a7f44112c5d5a46a94abbb085b5df8361f24e19d3423f662
|
| Sha512 | add323d33a77e1d07351cfa7815eca7693492a6e269f9190d365ab5bdca89f6a80ac77579e2104cd6e48b68e9047068049d408eee9a112506e511332baffae57
|
| SSDeep | 24576:HBzaEC7m/7NjY5xjpmZM13IhQBg0mw5iX+jbjVHf:hzlSmKxFme13IhQK/PIf
|
| TLSH | F135338FB6ED3D32CD7A618388C1E27875BC6C74AF8C5F8B616A86445E63E5D20C8D50
|
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
PharmacyProject.FrmDoktorHastaEkle.resources
button2.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
PharmacyProject.FrmDoktorRecete.resources
PharmacyProject.FrmEczaneGiris.resources
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
PharmacyProject.FrmEczaneAna.resources
btnLogin.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button10.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button2.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button3.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button4.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button5.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button6.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button7.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button9.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
PharmacyProject.FrmEczaneRecete.resources
$this.Icon
[NBF]root.IconData
PharmacyProject.Properties.Resources.resources
lJvY
[NBF]root.Data
[NBF]root.Data-preview.png
nsh
[NBF]root.Data
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | CYPA.pdb |
| Embedded Resources | 27 |
| Suspicious Type Names (1-2 chars) | 0 |
d2d5408177eeb1187fa3c4eda27021de (1.09 MB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
PharmacyProject.FrmDoktorHastaEkle.resources
button2.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
PharmacyProject.FrmDoktorRecete.resources
PharmacyProject.FrmEczaneGiris.resources
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
PharmacyProject.FrmEczaneAna.resources
btnLogin.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button10.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button2.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button3.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button4.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button5.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button6.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button7.Image
[NBF]root.Data
[NBF]root.Data-preview.png
button9.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
PharmacyProject.FrmEczaneRecete.resources
$this.Icon
[NBF]root.IconData
PharmacyProject.Properties.Resources.resources
lJvY
[NBF]root.Data
[NBF]root.Data-preview.png
nsh
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | CYPA.pdb |
d2d5408177eeb1187fa3c4eda27021de > OHL992--MX90.exe |
| Embedded Resources | 27 |
d2d5408177eeb1187fa3c4eda27021de > OHL992--MX90.exe |
| Suspicious Type Names (1-2 chars) | 0 |
d2d5408177eeb1187fa3c4eda27021de > OHL992--MX90.exe |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.