Suspicious
Suspect

Share on LinkedIn
Print
PE Executable
MD5: ef50ea6aed2d1ebb1b919d3442349030
Size: 1.7 MB
application/x-dosexec

Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.

AI analysis is available with Essential.
Unlock with Essential
MD5 ef50ea6aed2d1ebb1b919d3442349030
Sha1 150717d6abe7f16c96ae01a57a518a4013ad17b7
Sha256 2c4d265195e4115c8706cd4e53e28fd08f5abbab429727d7b27ed989bf5c83a8
Sha384 d1c5fb6b396aa266c4126cb182ac9eaa133da2b9e89d7d02e118edea204c3740b56f35ff8f6ccb36d660841ebd1a246c
Sha512 b0fc73ea57f60a581883aec05c484a064e52e78415197e0cd4b4dc8781fe153436bae3c878b000da8a0c13b440ae6df67a0bfbc7a6324db3c4d43f75c62fa807
SSDeep 24576:jyZjz/z+PGdYprdp+eQGdYM60SpY1/3osn+X7XUL:j6agpVGdYX0Sa1/Ys+X
TLSH 4A75C012A2C6847BD02A15795C2BEBDD645DBE602F14B80E7ADDBE0C7F395C134A70B2
PeID
BobSoft Mini Delphi -> BoB / BobSoftBorland Delphi 2006Borland Delphi 2006 - 2007Borland Delphi 4.0Borland Delphi v3.0Borland Delphi v3.0 - v7.0Borland Delphi v6.0 - v7.0Borland Delphi v6.0 - v7.0Microsoft Visual C++ v6.0 DLLPe123 v2006.4.4-4.12
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.itext
.data
.bss
.idata
.tls
.rdata
.reloc
.rsrc
Resources
RT_CURSOR
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
RT_BITMAP
ID:0000
ID:1033
RT_ICON
ID:0032
ID:0
ID:0033
ID:0
ID:0034
ID:0
ID:0035
ID:0
ID:0036
ID:0
RT_DIALOG
ID:0000
ID:0
RT_STRING
ID:0FF3
ID:0
ID:0FF4
ID:0
ID:0FF5
ID:0
ID:0FF6
ID:0
ID:0FF7
ID:0
ID:0FF8
ID:0
ID:0FF9
ID:0
ID:0FFA
ID:0
ID:0FFB
ID:0
ID:0FFC
ID:0
ID:0FFD
ID:0
ID:0FFE
ID:0
ID:0FFF
ID:0
ID:1000
ID:0
RT_RCDATA
ID:0000
ID:0
RT_GROUP_CURSOR2
ID:7FF9
ID:1033
ID:7FFA
ID:1033
ID:7FFB
ID:1033
ID:7FFC
ID:1033
ID:7FFD
ID:1033
ID:7FFE
ID:1033
ID:7FFF
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_MANIFEST
ID:0001
ID:1033
Name Value
Info
PE Detect: PeReader OK (file layout)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙