IsExceptionalOLdYzdUSrU.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 57/70 Related 2772
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 271.00 KB (277504 bytes)
Compile time: 2020-03-08 11:25:40
MD5: 355683d3502993e1cfa88c309ed0c836
SHA1: 1dc3caa7cb90d225e209d147c700c18837e180c4
SHA256: dc846eccbdb149a7b83e1cefa8e67d615cd84d6f4680fafcfabe5209c71ef92f
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 4 .text .sdata .rsrc .reloc
Directories 3 import resource relocation
First submission: 2020-05-15 10:03:07
Last submission: 2020-05-15 10:03:07
Filename detected: - IsExceptionalOLdYzdUSrU.exe (1)
URL file hosting
hXXp://[www].wnksupply.co.th//images/IsExceptionalOLdYzdUSrU.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-05-14 16:13:12 [57/70] VirusTotal
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x42cb4 273920 36780600a0df75ac72facc430d0e8520 e2e9268b9843db9b141c8d0d72923a6b53d9fff8
.sdata 0x46000 0x5 512 9f734e973b7f58029a3b0e6e78680bc2 a3e0bdb278db460d070cfe65cf8306301e8c7747
.rsrc 0x48000 0x5ba 1536 ff3ce25231ecebc94d8f968329e536b5 a7ec51caa9c804915fab8f1928a46c96330897ac
.reloc 0x4a000 0xc 512 11a8a8fd30abe6b28013106e99dfa547 16c5a2c5bfad03460c3fe36baec0dcd48975d9d2
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Database
T.Db
FIle type: Library
mscoree.dll
IP Found
1.1.1.1
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-05-15 10:03:08