readme.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 57/72
File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 454.50 KB (465408 bytes)
Compile time: 2018-10-10 01:16:15
MD5: 415cc7ecd231771bda66741b424484bc
SHA1: 5330ee0641d1802114f158641ab10e6e7d35bd07
SHA256: 50f8789e5de73c51e9ce28fbd2b461ebeed04bf8acdd2c478a82580884094fec
Import hash: 920511d4d6e616a0d294cf9e189c3a9d
Sections 6 .text .rdata .data .tls .rsrc .reloc
Directories 5 import resource debug tls relocation
First submission: 2020-01-13 18:39:04
Last submission: 2020-01-13 18:39:04
Filename detected: - readme.exe (1)
URL file hosting
hXXp://[www].meconservationschool.org/wp-content/themes/genesis/readme.exe
Antivirus Report
Report date: 2020-01-05 05:27:18
Detection ratio: 57/72
Permalink: VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0xeb0b 60416 b6459d197912865145e7df181ab5924a af449b8d4a5cb0db00ce744da7a73dc78d838f8f
.rdata 0x10000 0x4b1ec 307712 70661a36f17af9640cb87496b73179ee ae4e34bbc9d8f48fba224f7b8fbfd570ab2e4d17
.data 0x5c000 0x33920 17920 6743292affb515629e8bfe81d19afe8f 5b502f2feaa8eee495fa982076adecd804e0699d
.tls 0x90000 0x9 512 1f354d76203061bfdd5a53dae48d5435 aa0d33a0c854e073439067876e932688b65cb6a9
.rsrc 0x91000 0x11de0 73216 37054be609d34770a667ba49901cd721 2376322343046fc1c38f0cd9b128cb616a0d6e1c
.reloc 0xa3000 0x11fc 4608 6e2c45452a60179ed379ec3ee2e7e3e3 e98725d64624c65adb17ca4f39d5dfd47b5b566d
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
File type: Library
mscoree.dll
USER32.dll
KERNEL32.dll
ADVAPI32.dll
WINHTTP.dll
IP Found
No IP detected
URL(s)
No URL found


TheSystem Itself @ 2020-01-13 18:39:05