upnp.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 35/73
File details Download PDF Report
File type: PE32 executable (console) Intel 80386, for MS Windows
File size: 140.00 KB (143360 bytes)
Compile time: 2019-01-18 00:51:12
MD5: 14d63f4f0a051f6f499e48a926cad2d3
SHA1: 8663094dca7ece3808bec797c2249876bb3eae2c
SHA256: 9196667bfcbf7c43e8afce85f3f041c371be2d68c2c8fa330857f293a934916d
Import hash: 214f570eb188a16583062dd2c1733de2
Sections 5 .text .rdata .data .rsrc .reloc
Directories 4 import resource debug relocation
First submission: 2020-05-16 09:27:04
Last submission: 2020-05-16 09:27:04
Filename detected: - upnp.exe (1)
URL file hosting
hXXp://45.95.168.62/upnp.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-05-15 16:05:41 [35/73] VirusTotal
PE Sections 0 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x19712 104448 a46f6d7f18d73cf5ea26b38ccffb8710 bcd7f4c832389c31cd7cd934ce1a3a103df7d041
.rdata 0x1b000 0x736e 29696 145cce6127ceb87c4c2d4ab510179d65 888642f96c0aefe89bce169d7a2db301112bf9e1
.data 0x23000 0x11c8 2048 669b5f5de519e5d0be3afb916397c737 1a358e040433e645f6e570df05bf9120ff93a706
.rsrc 0x25000 0x288 1024 6bcc670b9b4e4d35829397afaecf76b8 c3d225b082b9d8229d3cb29c218394232fd7888f
.reloc 0x26000 0x1274 5120 54d2ec851aa9ffeae195b8cda7784695 5e27b6216c0017d0b9ef091bd3721d9ead5e8b36
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
FIle type: Library
mscoree.dll
IPHLPAPI.DLL
KERNEL32.dll
WS2_32.DLL
IP Found
223.255.255.255
239.255.255.250
URL(s)
http://schemas.xmlsoap.org/soap/encoding/
http://schemas.microsoft.com/SMI/2005/WindowsSettings
http://
http://schemas.xmlsoap.org/soap/envelope/

#infosec #automation

TheSystem Itself @ 2020-05-16 09:27:06