service-update.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 36/71 Related 2734
File details Download PDF Report
File type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 8.65 KB (8856 bytes)
Compile time: 2077-05-04 06:02:19
MD5: 40fa22a34bbadc6c53e7376a00a3e8d9
SHA1: 32f58ae639594617cbf8e8f9cb147c3887eaee8d
SHA256: 1681d3f10415c230a89f8d8bda465868315b3134494d7866bb449d900d403415
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 5 import resource debug relocation security
First submission: 2020-01-20 10:24:03
Last submission: 2020-01-20 10:24:03
Filename detected: - service-update.exe (1)
URL file hosting
hXXp://77.75.37.33/service-update.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-01-15 12:16:09 [36/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x11b4 4608 9553c7b22e7ddcd1af30429fc4d3829e 31175d6771b35249abf5ba5d7fb5d3f41eb9dc26
.rsrc 0x4000 0x5bc 1536 6840b8cf153b326fed0c7d20bb92f8f5 51c4a75520f85e6252ef02510e50973939853cb7
.reloc 0x6000 0xc 512 4fb0859eeecd93ab53d7ee7650e87b8e 19f89f3388c9b25904e1452b3bcaa460ce5b631a
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
MD5: c9a52dd088bec7091df99ff2cd80608e
SHA1: 5d0e5ebe3c80b2b38fc2e5131a557cedfea2a747
Block Size: 1688
Virtual Address: 7168
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Text
C:\Users\Public\test.txt
FIle type: Library
KERNEL32.dll
USER32.dll
mscoree.dll
IP Found
77.75.37.33
URL(s)
http://sha256timestamp.ws.symantec.com/sha256/timestamp0

#infosec #automation

TheSystem Itself @ 2020-01-20 10:24:05