imr1634f.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 37/70 Related 2772
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 25.00 KB (25600 bytes)
Compile time: 2015-09-08 15:36:37
MD5: 34750ff5aa733798a293cce4a5d11b05
SHA1: 949bf6ff4ac5fea4aa0322a0c4229260e863558a
SHA256: f1ac9916fc6f98109596ba4c2719a100aa4aba0cc957011631d608286e149a38
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2020-03-07 10:15:03
Last submission: 2020-03-07 10:15:03
Filename detected: - imr1634f.exe (1)
URL file hosting
hXXp://autoren.s3.amazonaws.com/ubar_10032/imr1634f.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-02-19 09:36:23 [37/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x5654 22528 6507e26712160da011fd0e4a0ab394eb af0af41a6054b3b396879dda448766b72d390dde
.rsrc 0x8000 0x7c0 2048 ac709f49e4543eff76de5cccdc3dd395 45efb82c99134d8f23ad650036f10bef06a2790a
.reloc 0xa000 0xc 512 12def29ded9b5c21f13e1a6ebbfcaf1d 7cf3a530fbbe1a3e41eb098aa94a32199c64aea9
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Data
UbarDone.dat
FIle type: Library
mscoree.dll
FIle type: Web Page
http://xjdizthomu.org/api/upr6/test.php
http://xjdizthomu.org:8080/api/upr6/post.php
IP Found
1.1.36.1
URL(s)
http://xjdizthomu.org:8080/api/upr6/post.php
http://xjdizthomu.org/api/upr6/test.php
http://ab-cdn-c.com:8080/get-assets/1.36.1/

#infosec #automation

TheSystem Itself @ 2020-03-07 10:15:05