MalScore
30/100

CryptON0920.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 3770.02 KB (3860504 bytes)
Compile time: 2019-09-18 13:54:02
MD5: 10b4482912b361476268fd1584e4f743
SHA1: e22a4bf32799e540ff6fea0be1965c1e484bc987
SHA256: ec395e205824e6981755780bbed84958097bb435dd078fd599b3f2e2982af834
Import hash: 338017cdd280d4c3f35be1cfacfd0ff6
Sections 5 .text .rdata .data .rsrc .reloc
Directories 5 import resource debug tls relocation
Anti Virtual Machine 2 VMCheck.dll Bochs & QEmu CPUID Trick
First submission: 2022-03-02 14:33:16
Last submission: 2022-03-02 14:33:16
Filename detected: - CryptON0920.exe (1)
URL file hosting
hXXp://download.rising.com.cn/for_down/rscrypto/CryptON0920.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x192969 1649152 9224f9629e168935f0b2f6ec9cc4314c 13bd18dd34b7c772eb20d3915c0e5c0698cbc1e2
.rdata 0x194000 0x6ada8 437760 8574e2dc04ba3d1be895e0bebb287197 d82686530ddaaf20db89ea04eb59183e9fa384b1
.data 0x1ff000 0xc540 25600 2f9c2e631444f031b2621dfe3fca7aa2 756105a748555a8b3fc8908af064abe52da2c388
.rsrc 0x20c000 0x1ab660 1751040 e85f557cfec87f05b798e22cc4df21f6 f5d7591e2d34a4609cda8fb86b1358c7382b6f70
.reloc 0x3b8000 0x25100 152064 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
File type: Temporary
%s%s%X.tmp
File type: Object
hhctrl.ocx
File type: Text
temp000000.txt
DecryptLog_0.txt
File type: Library
USER32.dll
%Ts%Ts.dll
comctl32.dll
KERNEL32.dll
UxTheme.dll
dwmapi.dll
yKERNEL32.DLL
ADVAPI32.dll
dwrite.dll
ZComdlg32.dll
api-ms-win-core-synch-l1-2-0.dll
D2D1.dll
mscoree.dll
Zmfcm140u.dll
QMSFTEDIT.DLL
SHELL32.dll
ole32.dll
comdlg32.dll
SHLWAPI.dll
OLEAUT32.dll
oledlg.dll
IMM32.dll
OLEACC.dll
GDI32.dll
MSIMG32.dll
gdiplus.dll
WINMM.dll
IP Found
1.0.0.1
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven01b_64 Seven01b_64 VirtualBox 2022-03-02 14:07:22 2022-03-02 14:07:50 28

3 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

TheSystem Itself @ 2022-03-02 14:33:18