Suspicious
Suspect

ffd55babc969472ef5f1f660bfdc308e

PE Executable
|
MD5: ffd55babc969472ef5f1f660bfdc308e
|
Size: 3.21 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
ffd55babc969472ef5f1f660bfdc308e
Sha1
1db04207c5b63fbf45644850cdf1ab9f804e0e84
Sha256
8403705f9ec24cbede1aaa9982a0649aea928c66a5d41d7f47ba04701cea8f18
Sha384
f5d6b73e2ffead12a4f6b3c45865cd72c6976221e3adcac72bf76efb80c8b1b9869b578939dcb0f7fb2a0cfc393581bc
Sha512
edbc1de857b6f5cbb4c329765f439333ea479d6482f263560dcbd9b87ef97fe9f0b5777b13bb7c0c7f5b434c2447f052468b127c04e4ceacce3cc5b7cd49d924
SSDeep
49152:sjs2tWAu+af3ZQQYAy51MW4lcHP4n7jcRUjQfZNVi2rZg8pQvjj:8w3Z8AWHgnXexiNjj
TLSH
3EE57C12BD80D8A1D0A9EA388CF342967731F868073137D32A6B6A755EF37DC1A35356

PeID

Microsoft Visual C++ v6.0 DLL
Private EXE Protector V2.30-V2.3X -> SetiSoft Team
File Structure
ffd55babc969472ef5f1f660bfdc308e
Overlay_17bb1d13.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.data
.rdata
.pdata
.xdata
.bss
.edata
.idata
.CRT
.tls
.reloc
.rsrc
4
19
31
45
57
70
81
92
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0-preview.png
ID:0007
ID:0
ID:0008
ID:0
ID:0009
ID:0
RT_GROUP_CURSOR4
ID:0000
ID:0
ID:2710
ID:0
RT_VERSION
ID:0001
ID:0
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Overlay extracted: Overlay_17bb1d13.bin (179627 bytes)
ffd55babc969472ef5f1f660bfdc308e (3.21 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙