goziwecry.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 59/72 Related 2779
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 532.00 KB (544768 bytes)
Compile time: 2020-02-24 21:50:17
MD5: 202385f29c36895949d165210a9f5da5
SHA1: f176f2947de987b92cd5cdffdf45d408bd8352e2
SHA256: d1b2f65b28a57ce6df70de26603f57740e32676e3f245e063a4c00b5fa2a38bd
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2020-04-11 22:57:11
Last submission: 2020-04-11 22:57:11
Filename detected: - goziwecry.exe (1)
URL file hosting
hXXp://[www].ethnomedicine.cn/wp-content/plugins/mjcegcd/gozie/goziwecry.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-03-28 04:23:23 [59/72] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xd7b4 55296 227272fbff208a110f63e0e4b656caca 4b09cc17502e494479148d82fda4e7151765adba
.rsrc 0x10000 0x773ea 488448 7f120c56f74bab6bfffafca31d2609e4 99a6717c1dff4800b284cb47ffb96a5e23cbb5f3
.reloc 0x88000 0xc 512 e2606b93587a83f6d33f27d28e7bc366 64c163e6e809823da5c1098d66bc2ea831be6d5c
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
KERNEL32.dll
mscoree.dll
IP Found
No IP detected
URL(s)
http://example.com

#infosec #automation

TheSystem Itself @ 2020-04-11 22:57:12