ghhha.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 42/67 Related 2476
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 1206.00 KB (1234944 bytes)
Compile time: 2019-06-09 07:21:13
MD5: 33c5ef1aaa88e8262791ff752d94f3b0
SHA1: 65f9394455237d88a0dd099aebd2299dddb52647
SHA256: 7792adafdc8d02a7eede01d92a2554ca1a91fd5d95afa15d6cf0f6ca8aee9ffe
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-09-08 13:33:06
Last submission: 2019-09-08 13:33:06
Filename detected: - ghhha.exe (1)
URL file hosting
hXXps://perenegitim.com/wp-includes/ID3/fonts/ghhha.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-09-07 22:18:01 [42/67] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x4e118 320000 acd7d7dd96f90436d83a519addf65861 ca4781fea8f93c14c6ba0d4ec8b49d6895352f86
.rsrc 0x52000 0xdf164 913920 4e34f746a2431d9ccd33eba553c3254b 03b069f3eb7454ba4a55da8da5eabfea55eb4815
.reloc 0x132000 0xc 512 2c6294005ef815c7e62b4fff36bf4281 be56a81f882416c11723e3da7b370908a3ba9b60
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
FIle type: Library
mscoree.dll
IP Found
1.7.3.4
URL(s)
https://msdn.microsoft.com/en-us/library/system.array

#infosec #automation

TheSystem Itself @ 2019-09-08 13:33:07