PurchaseOrder.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 26/68 Related 2600
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 639.00 KB (654336 bytes)
Compile time: 2019-08-18 12:08:10
MD5: 1135faa7ccd91450b5bdbc0f0083a9b5
SHA1: 1f6d108ccdee1e66e81850186dc7eaebee283360
SHA256: 8541068a2de696edbdf62837ad4673eb9177611fbef2b352ca05d3960d9323bc
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-10-04 14:54:04
Last submission: 2019-10-04 14:54:04
Filename detected: - PurchaseOrder.exe (1)
URL file hosting
hXXp://corpcougar.com/bin/r/PurchaseOrder.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-10-04 12:48:23 [26/68] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x6eef4 454656 ac4567c5a088ce761371f2357682a406 0160e25e38486f68ddee70a3d0bc47b4b15741db
.rsrc 0x72000 0x3061a 198656 a142b5333cce61389fba5640d80dd9c0 21ab3942e1ceede386b5e647ea01b767c473e020
.reloc 0xa4000 0xc 512 ddf9fcce17da1e180c70e1fe83b336e0 540a9ad5e606d4a4c9c33310a563325b280429f2
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
mscorlib.dll
xunit.execution.*.dll
xunit.dll
.dotnet.dll
mscoree.dll
IP Found
No IP detected
URL(s)
file://

#infosec #automation

TheSystem Itself @ 2019-10-04 14:54:05