dreamtrips_us3.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 1077.79 KB (1103662 bytes)
Compile time: 1992-06-20 00:22:17
MD5: 3a0306c63c643a4b621f6a4cce9c234f
SHA1: 73c9698cd5f0a9a66c4b75de3a69db8ad26313c6
SHA256: fd72c23fee1669bd75b810ea7f6b1d48dab0ec73448aa0c30d0c6b06d0d7f1ce
Import hash: 2fb819a19fe4dee5c03e8c6a79342f79
Sections 8 CODE DATA BSS .idata .tls .rdata .reloc .rsrc
Directories 4 import resource tls relocation
First submission: 2019-09-12 16:21:06
Last submission: 2019-09-12 16:21:06
Filename detected: - dreamtrips_us3.exe (1)
URL file hosting
hXXp://dreamtrips.cheap/dreamtrips_us3.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-09-12 05:19:34 [29/70] VirusTotal
PE Sections 4 suspicious
Name VAddress VSize Size MD5 SHA1
CODE 0x1000 0xa208 41984 49513e676dadfb3919c4b137dd7c6d66 e6c4c7e38501072f322e4f18ffd39504f31df249
DATA 0xc000 0x250 1024 0a7b48e75f6b6ef4a087528fee0d185c 6bf1df8efc854015630f0cc2bf9ca03245387085
BSS 0xd000 0xe94 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.idata 0xe000 0x97c 2560 df5f31e62e05c787fd29eed7071bf556 3cfc95ebff0ce7dd7301eecc34bb84ee23beede8
.tls 0xf000 0x8 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.rdata 0x10000 0x18 512 14dfa4128117e7f94fe2f8d7dea374a0 2b87a504cb33a3fbd0e12d47b5e2e300f8257779
.reloc 0x11000 0x920 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.rsrc 0x12000 0x3af0 15360 bce4acbc4830c11be34238af68da3f01 921681aa03c8a3a609f2201b3852ac0f3532ceef
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Borland Delphi 3.0 (???)
Borland Delphi 4.0
File found
File type: Portable
9f.PDf
File type: Library
cryptbase.dll
clbcatq.dll
propsys.dll
USER32.dll
UxTheme.dll
dwmapi.dll
comctl32.dll
ADVAPI32.dll
OLEACC.dll
ntmarta.dll
SETUPAPI.dll
USERENV.dll
OLEAUT32.dll
profapi.dll
KERNEL32.dll
apphelp.dll
SHELL32.dll
comres.dll
VERSION.dll
IP Found
No IP detected
URL(s)
http://schemas.microsoft.com/SMI/2005/WindowsSettings
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline


TheSystem Itself @ 2019-09-12 16:21:08