Poster.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 52/71 Related 2779
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 62.00 KB (63488 bytes)
Compile time: 2060-07-08 19:29:15
MD5: 4072fe5f4dc40364bb47e2026113f07f
SHA1: 7235a9a5fc4064f3295639afb5b2f3db732aa0d3
SHA256: a60aed639c2caf18d42ee7ac6ed14deab8dfb9994f89cfad98acb34157762a73
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource debug relocation
First submission: 2020-05-16 01:24:04
Last submission: 2020-05-16 01:24:04
Filename detected: - Poster.exe (1)
URL file hosting
hXXps://zd4b.lonlyfafner.ru/Poster.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-04-29 21:15:03 [52/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xed50 60928 f47f0b9e3e2a12bc6a6b78242621aa90 f26731ad28df9a08eb30d4feb81f788371fb0db8
.rsrc 0x12000 0x4d4 1536 3dc4d7e96ff90648d0ee592ac8c54db0 2066b5b3c76644a1add9bcf322ea1e6fb630644f
.reloc 0x14000 0xc 512 ad9e10ffabdc78aee9f36b652befc6ff 659df5c7797c1b34fdc6b4c19ab58e2ed8aff946
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
KERNEL32.dll
ntdll.dll
mscoree.dll
vaultcli.dll
USER32.dll
SHELL32.dll
IP Found
188.119.112.229
URL(s)
http://checkip.dyndns.org
https://wtfismyip.com/text
https://api.ipify.org
http://
file:///
http://checkip.amazonaws.com/
https://ipinfo.io/ip
http://bot.whatismyipaddress.com/
https://icanhazip.com
http://www.geoplugin.net/json.gp?ip=

#infosec #automation

TheSystem Itself @ 2020-05-16 01:24:06