MalScore
100/100
MalFamily
Malicious

yBJZiZ.jpg

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 492.50 KB (504320 bytes)
Compile time: 1981-03-31 09:35:51
MD5: 3801e479ee6c2e68305cb15da3735049
SHA1: 8f59b7a09bc51d199c9fe63c08440aed8b2f3b81
SHA256: 77c4306426d5562ab92bc1441140c7944f6184aa941ce74051a303257cf4ab9a
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 5  h =:Q .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2018-12-12 17:15:03
Last submission: 2018-12-12 17:15:03
Filename detected: - yBJZiZ.jpg (1)
URL file hosting
hXXps://f.coka.la/yBJZiZ.jpg
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-12-12 00:33:07 [42/71] VirusTotal
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
 h =:Q 0x2000 0x4bb74 310272 d640ad33961d51f9fb41dcad088e7603 815cc577249f5b1d54933c1920738b93b606b74b
.text 0x4e000 0x2e540 189952 acae852924dc98d01cfcc75bdd508c38 2fa83ac363056d045d505b323729189da881b411
.rsrc 0x7e000 0x630 2048 87adcb8f68d7ef401c658289fd73b129 6a21520d42f42840fc948737233ed694b7ebfdbd
.reloc 0x80000 0xc 512 673cf38288e6adefbdcf4d415f0fc9de 6780b4594d0635c434bc259bc57a93a254dfc115
0x82000 0x10 512 5265a140695e2f4d5954aef60935f8ce 6abc31a308371d2087b401710a8025116b3c67ef
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
File found
File type: XML
System.Xml
File type: Library
KERNEL32.dll
mscoree.dll
IP Found
6.9.2.1
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven04b_64 Seven04b_64 VirtualBox 2018-12-12 17:06:14 2018-12-12 17:09:16 182

2 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2018-12-12 17:15:10

Detected family: #Malicious

TheSystem Itself @ 2018-12-12 17:20:02