General
Structural Analysis
Config.0
Yara Rules99+
Sync
Community
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | e8b080c276519547e95930ab15028adb
|
| Sha1 | 4557478c9b47f5d0729b6f6bf21d673068b57126
|
| Sha256 | d6802fce5b918ed247ba85d6aa0545a8120cfbc3734b1c37794c4e381862d4ee
|
| Sha384 | bdeb17979441c9681224f191ba37fc66dba231bb6985a6e3713eb598a3596f80cbf181a4fbd66dc70627cbbb0e8b1c05
|
| Sha512 | 4f5320218c0100379ddf8bcce4280231cda0b17e0deb0794abd0103ef4cd74120ca842f180ed3f7cf1a982ada8f9739d8db7163fa0dbd9c1943f2530b6abd6d2
|
| SSDeep | 24576:MAbGrci1CVsb+JPrf+xp8esqhNyjAibJULb1hstRqGG7srGX8vCWI7JgZlHavtdP:VN7Jjfa87S1LktRqVzfHXxQk
|
| TLSH | E3958E46B3A501FCD467C178CD466217F672B4041774ABEF45A08A6A2F73BE23A7E318
|
PeID
MASM/TASM - sig4 (h)
Microsoft Visual C++ 8.0 (DLL)
Microsoft Visual C++ v6.0 DLL
File Structure
e8b080c276519547e95930ab15028adb
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.fptable
.rsrc
.reloc
Resources
CAFFEE_CONFIG
ID:007B
ID:0
RT_MANIFEST
ID:0001
ID:1033
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: t$di |
Artefacts
|
Name0 | Value |
|---|---|
| URLs in VB Code - #1 | https://www.google.com |
| URLs in VB Code - #2 | https://www.microsoft.com |
| URLs in VB Code - #3 | https://www.cloudflare.com |
| URLs in VB Code - #4 | https://www.amyuni.com/downloads/usbmmidd_v2.zip |
| URLs in VB Code - #5 | http://ip-api.com/line/?fields=countryCode |
| URLs in VB Code - #6 | http://schemas.microsoft.com/windows/2004/02/mit/task |
e8b080c276519547e95930ab15028adb (2.06 MB)
File Structure
e8b080c276519547e95930ab15028adb
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.fptable
.rsrc
.reloc
Resources
CAFFEE_CONFIG
ID:007B
ID:0
RT_MANIFEST
ID:0001
ID:1033
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | https://www.google.com |
e8b080c276519547e95930ab15028adb |
| URLs in VB Code - #2 | https://www.microsoft.com |
e8b080c276519547e95930ab15028adb |
| URLs in VB Code - #3 | https://www.cloudflare.com |
e8b080c276519547e95930ab15028adb |
| URLs in VB Code - #4 | https://www.amyuni.com/downloads/usbmmidd_v2.zip |
e8b080c276519547e95930ab15028adb |
| URLs in VB Code - #5 | http://ip-api.com/line/?fields=countryCode |
e8b080c276519547e95930ab15028adb |
| URLs in VB Code - #6 | http://schemas.microsoft.com/windows/2004/02/mit/task |
e8b080c276519547e95930ab15028adb |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.