poo.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 52/70 Related 2772
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 282.50 KB (289280 bytes)
Compile time: 2019-11-29 07:31:09
MD5: 309ace2ac7606a1f061780c588a12585
SHA1: 0ca3ab5bbef7cf294448118965b5a6a13ce4c2f5
SHA256: f8c6fa5f9549f1e041c342f16a652d1f96fa9c5c5778f7617640d80cbeb69c1b
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-12-04 08:54:06
Last submission: 2019-12-04 08:54:06
Filename detected: - poo.exe (1)
URL file hosting
hXXp://[www].teorija.rs/vendor/league/poo.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-12-03 13:48:50 [52/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x46154 287232 f1021f35d5b58cda5cc7a1f0732a29be 8849da09c19065558c9e373590107100f193bd75
.rsrc 0x4a000 0x300 1024 1623c8e2f3c7be297a12021e7bc05132 0a41aa9cd34d2e5cae9aec0c86a2cc20c2e9f24a
.reloc 0x4c000 0xc 512 d2d6c7685394fba6f915d147481036c2 73ce37ba64bd1d51faf1fe33f0d97ed0f20dee37
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
psapi.dll
mscoree.dll
vaultcli.dll
IP Found
0.1.2.3
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-12-04 08:54:07