yyl88888.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 57/72 Related 23
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed
File size: 288.00 KB (294912 bytes)
Compile time: 2019-11-15 04:06:59
MD5: 2cada3e92fef9511ef4cf678ab30fb45
SHA1: c23a553a97bb171ae95626ef2a97da61e2c5cf7c
SHA256: 3d49d0a78eab4bc80a13ed0b62261d4f5a7c5928727e101843348dd5a8143afd
Import hash: 09d0478591d4f788cb3e5ea416c25237
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2020-01-19 11:21:06
Last submission: 2020-01-19 11:21:06
Filename detected: - yyl88888.exe (1)
URL file hosting
hXXp://dd.512wojie.cn/1115/yyl88888.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-01-15 12:18:32 [57/72] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x83000 288256 8e6206378eba142dc541975dd31d19cf e99dc60e9564b2bd77b83f975f71a8c481e9349a
.rsrc 0x84000 0x2000 5120 321cf8aa3f69e4c7dbf4e1bdbb057258 ca84233097259744d81e01910f35a69080e0078d
.reloc 0x86000 0x200 512 9f399aa04b85a8fe9cc47eb86e14909b f038e3133a11574c20866996eeff1f0253b96b84
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
PECompact 2.x -> Jeremy Collake
PECompact v2.0
PeCompact 2.53 DLL --> BitSum Technologies
PECompact 2.0x Heuristic Mode -> Jeremy Collake
File found
FIle type: Library
KERNEL32.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-01-19 11:21:08