Is DLL
Packer
Anti Debug
Anti VM
Signed
XOR
AntiVirus 35/73
|
File details
Download PDF Report
|
| File type: |
PE32 executable (console) Intel 80386, for MS Windows |
| File size: |
140.00 KB (143360 bytes) |
| Compile time: |
2019-01-18 00:51:12 |
| MD5: |
14d63f4f0a051f6f499e48a926cad2d3 |
| SHA1: |
8663094dca7ece3808bec797c2249876bb3eae2c |
| SHA256: |
9196667bfcbf7c43e8afce85f3f041c371be2d68c2c8fa330857f293a934916d |
| Import hash: |
214f570eb188a16583062dd2c1733de2 |
| Sections 5 |
.text��� .rdata�� .data��� .rsrc��� .reloc�� |
| Directories 4 |
import resource debug relocation |
| First submission: |
2020-05-16 09:27:04 |
| Last submission: |
2020-05-16 09:27:04 |
| Filename detected: |
- upnp.exe (1)
|
| URL file hosting |
|---|
hXXp://45.95.168.62/upnp.exe |
| Antivirus Report |
|---|
| Report Date |
Detection Ratio |
Permalink |
Update |
| 2020-05-15 16:05:41 |
[35/73] |
|
|
| PE Sections 0 suspicious |
|---|
| Name |
VAddress |
VSize |
Size |
MD5 |
SHA1 |
| .text��� |
0x1000 |
0x19712 |
104448 |
a46f6d7f18d73cf5ea26b38ccffb8710 |
bcd7f4c832389c31cd7cd934ce1a3a103df7d041 |
| .rdata�� |
0x1b000 |
0x736e |
29696 |
145cce6127ceb87c4c2d4ab510179d65 |
888642f96c0aefe89bce169d7a2db301112bf9e1 |
| .data��� |
0x23000 |
0x11c8 |
2048 |
669b5f5de519e5d0be3afb916397c737 |
1a358e040433e645f6e570df05bf9120ff93a706 |
| .rsrc��� |
0x25000 |
0x288 |
1024 |
6bcc670b9b4e4d35829397afaecf76b8 |
c3d225b082b9d8229d3cb29c218394232fd7888f |
| .reloc�� |
0x26000 |
0x1274 |
5120 |
54d2ec851aa9ffeae195b8cda7784695 |
5e27b6216c0017d0b9ef091bd3721d9ead5e8b36 |
| File found |
| FIle type: Library |
| mscoree.dll |
| IPHLPAPI.DLL |
| KERNEL32.dll |
| WS2_32.DLL |
| IP Found |
| 223.255.255.255 |
| 239.255.255.250 |
| URL(s) |
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://schemas.microsoft.com/SMI/2005/WindowsSettings |
| http:// |
| http://schemas.xmlsoap.org/soap/envelope/ |
#infosec #automation
TheSystem Itself @ 2020-05-16 09:27:06