MalScore
100/100
MalFamily
Malicious

tt.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 45/69 Related 2244
File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 501.50 KB (513536 bytes)
Compile time: 1980-03-30 09:26:37
MD5: 369e381a5b208e2b75963ece037f38df
SHA1: 130f4aaeef0ec14dcbf3c35e01fd1902a3bc22b0
SHA256: 4afa1a68a6a839397f11dfaf2fb81a7ed41c1b71a86cbf5ddc7159c05ffd3082
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
Anti Virtual Machine 1 Virtual Box
First submission: 2018-12-12 23:57:07
Last submission: 2018-12-12 23:57:07
Filename detected: - tt.exe (1)
URL file hosting
hXXp://splietthoff.com/tt.exe (VirusTotal)
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-12-09 21:35:35 [45/69] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x7c864 510464 317da453071353ec800a59288cdabef0 4b6f287840f1df996772e77cc38e880c41a1b669
.rsrc 0x80000 0x624 2048 fd63c2c1ce098644777460209341bc66 49c986d827517d09289d22bdfa46574c3a0a3c7e
.reloc 0x82000 0xc 512 7c6ee96c6ed4de7098322d910f506848 6b2809d5ac72363064382ce04ec995f185f0c1ea
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: XML
System.Xml
File type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven02b_64 Seven02b_64 VirtualBox 2018-12-12 23:48:18 2018-12-12 23:51:19 181

2 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2018-12-12 23:57:10

Detected family: #Malicious

TheSystem Itself @ 2018-12-13 00:02:02