restr.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, RAR self-extracting archive
File size: 79.37 KB (81271 bytes)
Compile time: 2010-03-15 07:27:50
MD5: 4e56f484635aa907527ac729fa0b64e1
SHA1: 7c89ee70d8fc5190c41c6fa9e57056e8be9127b4
SHA256: 4a31ab47d1df2e34b5a412126d73a6cc8c03549b7ea992ecd96a2f7a4c3fbfb1
Import hash: 335172068aa2111ea57057a8ab38eb5e
Sections: 3 (UPX0, UPX1, .rsrc)
Directories: 3 (import, export, resource)
First submission: 2020-06-26 11:18:04
Last submission: 2020-06-26 11:18:04
Filename detected: - restr.exe (1)
URL file hosting
hXXp://shahtoba.faqserv.com/restr.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections (2 suspicious)
Name VAddress VSize Size MD5 SHA1
UPX0 0x1000 0x1b000 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
UPX1 0x1c000 0xc000 46592 e1e94f51568c3cf4d72b6205a118f9fe bc4c43313f2295903e988e2cb6b82334bb7939fc
.rsrc 0x28000 0x3000 9728 f2ffe767b5898e8990b9ae8ddbdcefdc 45f279e2dd37b4f6a0405dfc41c16f7adaccafb2
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
UPX -> www.upx.sourceforge.net
File found
File type: Library
ADVAPI32.dll
ole32.dll
USER32.dll
SHELL32.dll
comctl32.dll
comdlg32.dll
GDI32.dll
OLEAUT32.dll
KERNEL32.dll
IP Found
No IP detected
URL(s)
http://schemas.microsoft.com/SMI/2005/WindowsSettings

TheSystem Itself @ 2020-06-26 11:18:06