flash_optimizer.exe

Is DLL Packer Anti Debug Anti VM Signed XOR Related 3
File details Download PDF Report
File type: PE32 executable (console) Intel 80386, for MS Windows
File size: 119.49 KB (122360 bytes)
Compile time: 2018-02-01 21:18:05
MD5: 49fe48f8cba25812e83b3c2fd177257a
SHA1: a2bae24ce431cc9e11edb1583c8110c4b30246c6
SHA256: cc85925ffdd1b325f6315eab1c12e430840bf74128bd3854d8721d5e065b5b61
Import hash: 2c5f2513605e48f2d8ea5440a870cb9e
Sections 5 .code .text .rdata .data .rsrc
Directories 3 import resource security
First submission: 2020-07-27 15:42:09
Last submission: 2020-07-27 15:42:09
Filename detected: - flash_optimizer.exe (1)
URL file hosting
hXXp://mffyjcdn.btgame.com/dragon_btgame/resource/share/flash_optimizer.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.code 0x1000 0x387e 14848 da73045b586ab1e28e607f483a0c2ce0 507983a0abe672ba6203b221d333ee56d059efd9
.text 0x5000 0xd642 55296 45a4903077d6f7155f4006b168c87dca e45017f5e1a6c39a392914fc2b62281d81e3d806
.rdata 0x13000 0x33a8 13312 fc9dcbeb475affc5d4c8d32f8314c9b3 372c95f62895d5a5c1d8b320ce5c57a1cae3d3a8
.data 0x17000 0x178c 4608 33d023c53c4bdb0632a1c2dd55c64674 06e556cd7e0a10df09d63063cf412b0b87eb52fc
.rsrc 0x19000 0x64c4 26112 c16bdc7929cd8d9f5264b9327bca030b ebb4b34c81db0e3d43c9ef6d2d308414d327162b
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
MD5: 6b131a77f6282c1a1f36f17943d5d10d
SHA1: faaf554b1ee4221acf810a38581f1b18349d8dd1
Block Size: 7160
Virtual Address: 115200
Packer(s)
No packers found for this file
File found
FIle type: Library
ntdll.dll
SHELL32.dll
KERNEL32.dll
SHLWAPI.dll
ole32.dll
comctl32.dll
USER32.dll
GDI32.dll
MSVCRT.dll
WINMM.dll
IP Found
No IP detected
URL(s)
http://s.symcb.com/universal-root.crl0
https://d.symcb.com/rpa0.
http://sw.symcd.com0
https://d.symcb.com/rpa0)
http://s.symcd.com06
http://sw1.symcb.com/sw.crt0
http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
http://s.symcd.com0_
http://s.symcb.com/pca3-g5.crl0
https://d.symcb.com/rpa0@
https://d.symcb.com/cps0%
http://ts-ocsp.ws.symantec.com0;
https://d.symcb.com/rpa0
http://sw.symcb.com/sw.crl0
http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0

#infosec #automation

TheSystem Itself @ 2020-07-27 15:42:10