%E4%B8%80%E9%94%AE%E5%BC%80%E5%90%AF%E5%...

Is DLL Packer Anti Debug Anti VM Signed XOR Related 2805
File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 362.00 KB (370688 bytes)
Compile time: 2019-01-31 17:10:34
MD5: 4215f065e1dcec04612a5e9d4707df9d
SHA1: e9e2d2694a3b117db50f75a5fd9a819cebc3afaf
SHA256: d59f4326de544446fc05984fc4ed5d1b2bd32cbeecaad97474af2ac24befeb67
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 5 .text .vmp0 .vmp1 .rsrc .reloc
Directories 3 import resource relocation
First submission: 2020-12-04 03:39:08
Last submission: 2020-12-04 03:39:08
Filename detected: - %E4%B8%80%E9%94%AE%E5%BC%80%E5%90%AF%E5%85%B3%E9%97%ADWin10%E6%9D%80%E6%AF%92.exe (1)
URL file hosting
hXXp://down.liangziip.com/%E4%B8%80%E9%94%AE%E5%BC%80%E5%90%AF%E5%85%B3%E9%97%ADWin10%E6%9D%80%E6%AF%92.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x1c154 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.vmp0 0x20000 0x4a0 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.vmp1 0x22000 0x48488 296448 50dbd3a88b3612fd32d23617079d41f4 553c036272ef8e9ccbff24f47c4b8123191cce71
.rsrc 0x6c000 0x11a15 72704 6e5b9a973ce095bc087afe3ccdbf321b aa743f06861c11ec5e1d362d818a49378ed2c5c2
.reloc 0x7e000 0xc 512 e33543c3310e1a9b2e638187d8d29c43 cd3c2431f2ba74d33ace7a4221dfa27d09499b30
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
http://www.liangziip.com
http://schemas.microsoft.com/SMI/2005/WindowsSettings

TheSystem Itself @ 2020-12-04 03:39:09