Suspicious
Suspect

dd68e42a7247bd9851a62beede6bd053

PE Executable
|
MD5: dd68e42a7247bd9851a62beede6bd053
|
Size: 6.8 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
dd68e42a7247bd9851a62beede6bd053
Sha1
3595e2fd270017852bc6a2c53b62f8c704733b66
Sha256
c0aa63620a1c4f2802976720db29f0afd8b2a08b0a48ac0710365bde6837eb9a
Sha384
27254c9708c6415f1a32353d1716c188e8b9e75c9fd2df4b34ff4ba584359b267e552df1065854a63599c987b4bfc8f2
Sha512
aa388a4719ac99d6bbd0dea361ee9985e1f9079507ce79d3c72f87f377e21b47a1b5f299f48b1ff196932155784e78fd98c82ef5775f7eeb8587daf09c48e8bb
SSDeep
196608:4Ov9yr/RmdNzRN/neVNUCGkfgBKwyCZoBAajnbCY:zV4UzzgNvJmyC0jnOY
TLSH
CA6612DD089950A4DA8C173C721BEAAA23B51FB36B60851C7D8434C4ED77B9F202E6DD

PeID

Armadillo v4.x
Microsoft Visual C++ v6.0 DLL
UPolyX 0.3 -> delikon
File Structure
dd68e42a7247bd9851a62beede6bd053
[Authenticode]_b78c1e5a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.Q^w
.l^x
.l{]
.reloc
.rsrc
Resources
TEXT
ID:0001
ID:0
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
ID:0008
ID:0
ID:0009
ID:0
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x677400 size 20872 bytes
dd68e42a7247bd9851a62beede6bd053 (6.8 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙