Malicious
e4c5463554edeb39c461ad8c66a6dbfe
PE Executable | MD5: e4c5463554edeb39c461ad8c66a6dbfe | Size: 3.78 MB | application/x-dosexec
PE Executable
MD5: e4c5463554edeb39c461ad8c66a6dbfe
Size: 3.78 MB
application/x-dosexec
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | e4c5463554edeb39c461ad8c66a6dbfe
|
| Sha1 | 8823e1d42d137f4a701af6b7478eeb9e0665f38d
|
| Sha256 | b714e437fa85b74dc637316b333862ca2e42862fd741833ce839c37feee3efe9
|
| Sha384 | 7213aa96ee13b4208ff1ec2bcb9053815fecf0fd55cd56bf2d6e6ac014aabe4a697b9e714275db4552570aab563f61cd
|
| Sha512 | 6c9c723a00f0eb4cd19915e7f460444909ee3da4e69bb8c396651d3d86937980a45135edc07ab21b6a14f81793ca0a661e1f946ee3113399751b7a8581e76d49
|
| SSDeep | 49152:IBJKOGqEizDFMxLqkgKxkxB8jyn8ijPmEfkfnXOuH+w4ZJVAn3fvGutAz/E9:yDZJtyMBIm3fkfnXOuWZ83Gcr
|
| TLSH | EF06E04679D64F32D2715B324697563E42A0D6263A11EF4F3B0F2093E9077F1AA722B3
|
PeID
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8
Microsoft Visual C++ 8
Microsoft Visual C++ v6.0 DLL
VC8 -> Microsoft Corporation
File Structure
e4c5463554edeb39c461ad8c66a6dbfe
Malicious
Overlay_028b30ec.bin
Malicious
HyperComdllnet.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
kNuUY9X9yBfa1abF8n.qEPp2ahfwql0jJAptX
MIWSNvxwN0D55R3Gxs.85Voe9NjWmRxg1oLZh
1yXPEvGFacTSiTIGMc.cPTdnxLQvYTkpMHil1
Jr38AQc8EB0w8gEsfm.mbVoxSiENHLFIadnPD
DmJg1SeP2w2AfsxwRX.CujeUafR5kuTjfyMMW
ssu9hRPZvTJsQJSg8o.B6cfcVE3ahjL1WV0b2
3Psw76Z8zbe9Q.bat
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
e4c5463554edeb39c461ad8c66a6dbfe.decoded.vbs
Malicious
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_028b30ec.bin (3462408 bytes) |
| Info | PDB Path: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb |
e4c5463554edeb39c461ad8c66a6dbfe (3.78 MB)
File Structure
e4c5463554edeb39c461ad8c66a6dbfe
Malicious
Overlay_028b30ec.bin
Malicious
HyperComdllnet.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
kNuUY9X9yBfa1abF8n.qEPp2ahfwql0jJAptX
MIWSNvxwN0D55R3Gxs.85Voe9NjWmRxg1oLZh
1yXPEvGFacTSiTIGMc.cPTdnxLQvYTkpMHil1
Jr38AQc8EB0w8gEsfm.mbVoxSiENHLFIadnPD
DmJg1SeP2w2AfsxwRX.CujeUafR5kuTjfyMMW
ssu9hRPZvTJsQJSg8o.B6cfcVE3ahjL1WV0b2
3Psw76Z8zbe9Q.bat
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
e4c5463554edeb39c461ad8c66a6dbfe.decoded.vbs
Malicious
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.