Suspicious
Suspect

dacaa24ef54fb70cdb9d579c489ef895

AutoIt Compiled Script
|
MD5: dacaa24ef54fb70cdb9d579c489ef895
|
Size: 1.05 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
dacaa24ef54fb70cdb9d579c489ef895
Sha1
a396816d6b304a27e652483e9b661fd3f9e78073
Sha256
2006e4294f495b50c83fc3af87da570cca4ba734dd070a39d216788d275ef14d
Sha384
206c3f8a866cfadeb1d5743d0f3c637d1877e2a1e9aa6ac050c5c08e5a17e2da60c315d445046564dab1435d7e894506
Sha512
9d0c96b5eed1271c849dca81ac15a5d2ba4dec2688f8d3608398fbfd01e69cd769dad32e4bb77ab18facf1f4589fdc6efb65bba68533d8f0b1afdfeaca15982b
SSDeep
24576:EzZv3wPK31m41FhQ1oxXvydgvrg1AxbQKy4jwXvT1UoEI:EdAC3PQoxXKmvsiQKy0wXvJPX
TLSH
6925339397C9548ADB96D7321B38C59DA7B2A8185ED84313632C4E58FD30B86CB2F770

PeID

Microsoft Visual C++ v6.0 DLL
Nullsoft PiMP Stub -> SFX
File Structure
dacaa24ef54fb70cdb9d579c489ef895
Medieval.xll
Pontiac.xll
Cylinder.xll
Correction.xll
Replication.xll
Ted.xll
Areas.xll
Portable.xll
Laboratories.xll
nsExec.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
[SETUP_DECOMPILED.NSI]
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:1033-preview.png
ID:0003
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
dacaa24ef54fb70cdb9d579c489ef895 (1.05 MB)
File Structure
dacaa24ef54fb70cdb9d579c489ef895
Medieval.xll
Pontiac.xll
Cylinder.xll
Correction.xll
Replication.xll
Ted.xll
Areas.xll
Portable.xll
Laboratories.xll
nsExec.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
[SETUP_DECOMPILED.NSI]
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:1033-preview.png
ID:0003
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙