asdfg.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 31/71 Related 2476
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 314.35 KB (321896 bytes)
Compile time: 1987-01-31 16:12:51
MD5: 1806a175244b69c11f40ea3d77cc867c
SHA1: afac6c53b8e54f9606d6eef9a8b2ec3501a46b12
SHA256: 6b08e46f2376cfec1eff2c22e607c4ff60e34442482c7a9469cb3c381fe561fd
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource relocation security
First submission: 2019-09-05 02:00:05
Last submission: 2019-09-05 02:00:05
Filename detected: - asdfg.exe (1)
URL file hosting
hXXp://nicoslag.ru/asdfg.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-09-04 16:58:39 [31/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x4c364 312320 aa3ddf79892f79c11e483ff219fe18df 66131af87977721e6775f5e7b8f5b9f84373b30e
.rsrc 0x50000 0x600 1536 eda53bab4da6b93c3e3b01d1283d9a55 bb2d27005b0cd840d726219f1a1105d90e546b07
.reloc 0x52000 0xc 512 530ffb1ba9aac934ade8993a4e9fef40 f1469e07e0ef31f370839a69c9928431af8a45f1
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
MD5: 80f9f8200ae17d216fd96bdf77a3b10f
SHA1: f0ba487c5246e05f6715e032889901397887dc4c
Block Size: 7016
Virtual Address: 314880
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
1.1.2.2
URL(s)
http://s.symcb.com/universal-root.crl0
http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
http://s2.symcb.com0
https://d.symcb.com/cps0%
http://sv.symcb.com/sv.crt0
http://www.symauth.com/rpa00
http://www.symauth.com/cps0(
http://s.symcd.com06
http://sv.symcd.com0&
http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
http://sv.symcb.com/sv.crl0a
http://ts-ocsp.ws.symantec.com0;
http://s1.symcb.com/pca3-g5.crl0
https://www.ashampoo.com0/
https://d.symcb.com/rpa0.
https://d.symcb.com/rpa0
https://d.symcb.com/rpa0@

#infosec #automation

TheSystem Itself @ 2019-09-05 02:00:07