win32s.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 31/71 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 303.50 KB (310784 bytes)
Compile time: 2019-11-11 23:45:03
MD5: 2f4b7780726e9fae1760e06c3e2f126f
SHA1: a1f908c4be5b51b3ff7de1cc9f6bcfb659f93e7f
SHA256: 74f371626e10041115c86ce5a319efc0c74a2ac012a66da11809fed703d0e295
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-12 22:33:05
Last submission: 2019-11-12 22:33:05
Filename detected: - win32s.exe (1)
URL file hosting
hXXp://217.73.62.206/hqlw/win32s.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-12 14:23:19 [31/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x4b564 308736 4d27de00d94e7a23cc32815f6ae8f928 ab5cbe606cb6704b66210519fd0170a13f0bc44c
.rsrc 0x4e000 0x320 1024 52051ccc7ab7f42d689e196e1a42e4ff 093ddae228b6137680bac0f5699ed0349685082c
.reloc 0x50000 0xc 512 0f94742811ed94d324b09323e8461bd3 a88678708951ee64014f2f185f8576898460ecca
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
psapi.dll
vaultcli.dll
mscoree.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-12 22:33:07