setup.exe

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 348.63 KB (356992 bytes)
Compile time: 2020-02-13 15:45:42
MD5: 4c4298d57e751ed376d271a486737c5e
SHA1: 8ea30cdedeff1ad5fa108cbb2c21e3fab07948aa
SHA256: 8bd90f7446d724230d40e7b7d08f9220c84e7c615aec7e516eb4ac9a9a65535b
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 5 import resource debug relocation security
First submission: 2020-02-13 23:30:05
Last submission: 2020-02-13 23:30:05
Filename detected: - setup.exe (1)
URL file hosting
hXXp://1win-pro.com/downloads/1xwin/setup.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-02-13 14:47:57 [1/68] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x4fe54 327680 635af5c9f3982b31079134e601c26756 37f8becc44d414d45f0da014743feee91b6e291d
.rsrc 0x52000 0x4c50 19968 9e156c1ff5942c0a68659e6d88da4ab6 78dbec4886965672a36c4331ea1fbb2def505231
.reloc 0x58000 0xc 512 0436284a0261f0785083a10c8ce7d19f ca72f981cf1d34d46b584510962dde77efa47a54
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
MD5: 1ef0990424c929f6815d976c12325afa
SHA1: a9236ebdfd2f16f0356206183bbcc11dab2d303f
Block Size: 8320
Virtual Address: 348672
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: Linker File
1xWin.lnk
File type: Text
https://1win-pro.com/downloads/1xwin/Starter.txt
https://cpadeer.com/dl/Starter.txt
File type: Library
mscoree.dll
SHELL32.dll
IP Found
No IP detected
URL(s)


TheSystem Itself @ 2020-02-13 23:30:07