Suspect
e0ab2773cc07e8203a680f6339170681
PE Executable | MD5: e0ab2773cc07e8203a680f6339170681 | Size: 7.69 MB | application/x-dosexec
PE Executable
MD5: e0ab2773cc07e8203a680f6339170681
Size: 7.69 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | e0ab2773cc07e8203a680f6339170681
|
| Sha1 | a9c5b069aec9dd4e3608c87d187313cdf663525c
|
| Sha256 | a025f425022df0a0fe1ca8ec5e0554156a49cc2ae302b971878a6e7cc41d0677
|
| Sha384 | 3484bea466f32df30054658de8c676b04d325222c9b996cd67149423752b2e95ff02609f0fcd89a2ff1187528f7bcad7
|
| Sha512 | 9d8004d1122110b2f13151222cb73237910576a57230de0547e366a02b2aa4ea6114c2fc829cc56cd49303ca4d7bbaf8fc31e7a78d39fd950c897ca64bb84af1
|
| SSDeep | 98304:uQHbG3aWzIus6efPUIdoaxcp8wy5c3trGOlkQ5DUOgJ9zlh:uubqhfefPtHxcp9ym3nltDUJVn
|
| TLSH | C276CF06F9E259F6C0BF5635887652917B70BC051B2297EB2B90BA382F33BD05E31365
|
PeID
HQR data file
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ v6.0 DLL
Pe123 v2006.4.4-4.12
Private EXE Protector V2.30-V2.3X -> SetiSoft Team
tElock 1.0 (private) -> tE!
tElock 1.0 (private) -> tE!
File Structure
e0ab2773cc07e8203a680f6339170681
Overlay_731ea7a8.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.xdata
.idata
.reloc
.symtab
ScreenConnect.Client.dll
ScreenConnect.ClientService.dll
ScreenConnect.Core.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
ScreenConnect.Windows.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ScreenConnect.Properties.libwebp.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
_RDATA
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
ScreenConnect.Properties.libwebp.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
_RDATA
.rsrc
.reloc
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1036
ScreenConnect.Properties.libzstd.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.reloc
ScreenConnect.Properties.libzstd.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
ScreenConnect.WindowsAuthenticationPackage.dll
ScreenConnect.WindowsBackstageShell.exe
ScreenConnect.WindowsBackstageShell.exe.config
ScreenConnect.WindowsClient.exe
ScreenConnect.WindowsCredentialProvider.dll
ScreenConnect.WindowsFileManager.exe
ServiceExeWithoutService
ScreenConnect.InstallerActions.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.WindowsInstaller.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Microsoft.Deployment.WindowsInstaller.Errors.resources
Microsoft.Deployment.WindowsInstaller.Package.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.Compression.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.Compression.Cab.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Microsoft.Deployment.Compression.Cab.Errors.resources
CustomAction.config
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_731ea7a8.bin (11320 bytes) |
e0ab2773cc07e8203a680f6339170681 (7.69 MB)
File Structure
e0ab2773cc07e8203a680f6339170681
Overlay_731ea7a8.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.xdata
.idata
.reloc
.symtab
ScreenConnect.Client.dll
ScreenConnect.ClientService.dll
ScreenConnect.Core.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
ScreenConnect.Windows.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ScreenConnect.Properties.libwebp.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
_RDATA
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
ScreenConnect.Properties.libwebp.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
_RDATA
.rsrc
.reloc
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1036
ScreenConnect.Properties.libzstd.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.reloc
ScreenConnect.Properties.libzstd.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
ScreenConnect.WindowsAuthenticationPackage.dll
ScreenConnect.WindowsBackstageShell.exe
ScreenConnect.WindowsBackstageShell.exe.config
ScreenConnect.WindowsClient.exe
ScreenConnect.WindowsCredentialProvider.dll
ScreenConnect.WindowsFileManager.exe
ServiceExeWithoutService
ScreenConnect.InstallerActions.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.WindowsInstaller.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Microsoft.Deployment.WindowsInstaller.Errors.resources
Microsoft.Deployment.WindowsInstaller.Package.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.Compression.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.Compression.Cab.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Microsoft.Deployment.Compression.Cab.Errors.resources
CustomAction.config
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.