1.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 40/69 Related 2476
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 2351.05 KB (2407480 bytes)
Compile time: 2019-09-07 14:19:03
MD5: 2769f42634a0e87c53d616b0c7afffb7
SHA1: 9123ec30ade9eea99c419de355adb4d31601d986
SHA256: 73897c927299bc636a10eff49bb25e89fe0753ba22a69c3c4cf73ac4d5be88d2
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource relocation security
First submission: 2019-09-10 23:39:08
Last submission: 2019-09-10 23:39:08
Filename detected: - 1.exe (1)
URL file hosting
hXXp://cg53575.tmweb.ru/1.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-09-09 08:06:34 [40/69] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x237a54 2325504 df5b1a3f218c0fecc01ec4070cc2995e 8fb640ba0a93a92dc8fa9e4dc1f1c54a6abf0962
.rsrc 0x23a000 0xe04c 57856 d7ed7ab0cd2017c72502642581fa95e4 6ee16360caa508e4249a4035b35b3e8c2b69f8e6
.reloc 0x24a000 0xc 512 87e7262d19985a64e7f22a7354b780f6 310ebe7003a4819283014f222f3ec0528af86188
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
MD5: deb3fce904e3065fbbb8ab7edda8a59e
SHA1: 97779ce2d06f76fa097748a22e5762e8a530297e
Block Size: 23096
Virtual Address: 2384384
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
https://www.thawte.com/cps0/
http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
http://th.symcb.com/th.crt0
http://crl.thawte.com/ThawtePCA.crl0
http://crl4.digicert.com/DigiCertAssuredIDCA-1.crl0w
http://crl3.digicert.com/sha2-assured-cs-g1.crl05
http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
http://th.symcb.com/th.crl0
http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0:
https://www.thawte.com/repository0W
http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
http://ocsp.digicert.com0C
http://ocsp.digicert.com0A
http://ocsp.digicert.com0O
http://ocsp.digicert.com0N
http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
http://ocsp.thawte.com0
http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
http://crl3.digicert.com/sha2-assured-ts.crl02
http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
http://crl4.digicert.com/sha2-assured-ts.crl0
http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0
http://cacerts.digicert.com/DigiCertAssuredIDCA-1.crt0
http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
http://th.symcd.com0&
https://www.digicert.com/CPS0
http://www.digicert.com/ssl-cps-repository.htm0
http://crl3.digicert.com/DigiCertAssuredIDCA-1.crl08

#infosec #automation

TheSystem Itself @ 2019-09-10 23:39:10