firefox.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 25/71 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 466.50 KB (477696 bytes)
Compile time: 2019-11-08 10:31:00
MD5: 4a9ca14c5b711f3b09d52d6ddaf54b4c
SHA1: 92b3955e6b96418f0c404c23f87192ac01990e3d
SHA256: 0ca7a365b20014122144d6c389855a0393b9295c94d751866381f29160b9deb4
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 4 .text .sdata .rsrc .reloc
Directories 3 import resource relocation
Anti Virtual Machine 1 VMware trick
First submission: 2019-11-11 13:39:08
Last submission: 2019-11-11 13:39:08
Filename detected: - firefox.exe (1)
URL file hosting
hXXp://gaubonggiarehcm.com/wp-admin/firefox.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-09 08:57:18 [25/71] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x39864 236032 88710b9b427c5862fa445a469e80905d 6c54fab029f845bde9b26f60dd90d2645e8c051e
.sdata 0x3c000 0xb9 512 1b4cacb254e09aac89067f3d804fb69b 7f43b0181906f16f1b3772d8ee8899c131b7d350
.rsrc 0x3e000 0x3a6c8 239616 222c7ef119c10833ce6ba30c7796f3bc 003379556d74d327369e8238390e672ba0b598c5
.reloc 0x7a000 0xc 512 8b77af19196e6c5a46a6fcbabe8b5000 9c599f5f5e2af2638b2469e3c8181eb89b817c37
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
KERNEL32.dll
mscoree.dll
IP Found
No IP detected
URL(s)
file:///

#infosec #automation

TheSystem Itself @ 2019-11-11 13:39:09