Ot6yql.png

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 309.50 KB (316928 bytes)
Compile time: 2018-10-23 21:27:41
MD5: 4a4c0dc53ec9bd17fc9524c858f0fa87
SHA1: 17a8a46f4b7d2cae0bf4bcb0e2f423aef8c2b955
SHA256: 59855140193f0b0c10a15b7eb7c70bbb2ff94fa49e93d64d14c74cb1fcc589ff
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 5 \DI|d(Q .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2018-10-24 15:00:03
Last submission: 2018-10-24 15:00:03
Filename detected: - Ot6yql.png (1)
URL file hosting
hXXps://e.coka.la/Ot6yql.png
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-10-24 08:37:02 [26/66] VirusTotal
PE Sections 4 suspicious
Name VAddress VSize Size MD5 SHA1
\DI|d(Q 0x2000 0x889c 35328 3a4eb42e0d5248c72e91209da126a6d5 a69c683677f7c64cda48d3460d626d124e374c5a
.text 0xc000 0x3c440 247296 714f603ad2478aa59766672fe61e5a4c 3aeb42ad9ab973ee9404b46bcf04fca4dcf25d2a
.rsrc 0x4a000 0x7db8 32256 1a0302a053d6351f621a0b5dbda9691d 49b6b5a2cfbf88d8948a4a455ed3587cd148d004
.reloc 0x52000 0xc 512 8166b251127e943eb6e3ab5b720ba52f fb84c1991a2f63a4e1468a43d2ec36b0266c2014
0x54000 0x10 512 949498ef2f037b78fb2d70c132d3aeeb f388d02e7d6788281d9073923170244f96c94405
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Library
KERNEL32.dll
mscoree.dll
IP Found
No IP detected
URL(s)
No URL found

TheSystem Itself @ 2018-10-24 15:00:18