yy.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 24/70 Related 2628
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 655.00 KB (670720 bytes)
Compile time: 2019-10-14 00:34:59
MD5: 487415f221ed8f64c0bc9122fd5020f8
SHA1: 72e390f05484501e718cf8c5e56601cb0b9511ac
SHA256: a44868e303f35206d8adea9606746cfd49b6e045ece904ef8adde1ab3bfa7187
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-10-21 04:42:04
Last submission: 2019-10-21 04:42:04
Filename detected: - yy.exe (1)
URL file hosting
hXXp://gessuae.ae/wp-includes/images/smilies/yy.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-10-14 09:49:00 [24/70] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xa30e4 668160 078bd4f5f3477531fe0337850b44866c 4efaae158a6cb87663f89f296c29d9a620168a03
.rsrc 0xa6000 0x600 1536 40c9f46beeb0cbd0ef497c4df4583c50 34d54e0e61587d85c166756aef6cbf3485ed06b0
.reloc 0xa8000 0xc 512 542e3d61294731aa6693a006e80e0f3a cf22c05c873437b9a806ae0b25950ec4aedc2743
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
1.8.8.8
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-10-21 04:42:04