rem1.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 48/70 Related 2790
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 390.50 KB (399872 bytes)
Compile time: 2019-10-04 16:14:26
MD5: 4ffe8d60bd61f14823dfde765ecc8f94
SHA1: 21659a14385fe716feac41a329df29fad3cebcf4
SHA256: dc08215092b341474a49253cb7884c36ee340446db00730904f84c1c49c580bc
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-15 09:51:09
Last submission: 2019-11-15 09:51:09
Filename detected: - rem1.exe (1)
URL file hosting
hXXp://globalpaymentportal.co/directdeposit/ach/rem1.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-14 18:10:56 [48/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x60e24 397312 67c3bd85398c762f080a5fbb6ee00b4b 3a69543c4df5c2afd01fe365a1f26faaad2540f1
.rsrc 0x64000 0x5e2 1536 0b60d43ba1a5f8a96e27c40a77276af9 7787a4e2252aa3e1f02b20e65706ae0d737741e6
.reloc 0x66000 0xc 512 4f48b50036dd290ab7bc2de8a53bb0f6 8b32be5703b02e58ca44170c00a4f0a2fa36473d
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Email
o5bz0svo.pst
FIle type: Library
mscoree.dll
IP Found
6.9.12.15
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-15 09:51:11