5r0snukhb-oebu-4523221

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 12/71 Related 6
File details
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
File size: 197.64 KB (202385 bytes)
Compile time: 2019-11-08 22:09:18
MD5: 509363de1856814d559f9091a025a1c4
SHA1: f43f754ee554f7c37c4cc4460921cd168adc81b2
SHA256: df112cc5fa355befb7771f5a3a1d1f815cb54c5116c5aa089e59f4000dd4828a
Import hash: 095a963bd2e8a868ff785e45b077025b
Sections 10 .text .data .rdata .eh_fram .bss .edata .idata .CRT .tls .reloc
Directories 4 import export tls relocation
First submission: 2019-11-09 03:57:08
Last submission: 2019-11-09 03:57:08
Filename detected: - 5r0snukhb-oebu-4523221 (1)
URL file hosting
hXXps://delightfull.co.kr/kmxs/5r0snukhb-oebu-4523221/VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-09 02:53:58 [12/71] VirusTotal
PE Sections 4 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x175a4 95744 66f9d833d7af6b917f0fbfcb59e42f8b 0bfe52ef4b45d26d62ccc9aae831f102567b73f0
.data 0x19000 0xde14 57344 4a3e90668cb3942662643c6aeb6c989e 9f88d3cadffa1ab686ad34b402f915201573c3cd
.rdata 0x27000 0x4db4 19968 a37f41a169a0ecb2489ddfe6f9d23274 850c04f1a8ff80f9a1bbd17803a4e3c934712e98
.eh_fram 0x2c000 0x45c4 17920 f965405b0496bd36266a1beed6b44fee 5d9d77eeb6d0485d54cb80e8c64d397411d47166
.bss 0x31000 0x940 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.edata 0x32000 0x59 512 acc054ec564a65b7193ec034e2469fe9 9cb397ecabf2235b58782b2001d9830505ddb6c1
.idata 0x33000 0xd70 3584 ef79aeb3f5050b473a9a91941c7faf48 15d99fcf17d4cf5f60a7b5106a88715083bfdd72
.CRT 0x34000 0x18 512 227669b073adede5035ad5178f7cef5b 28b7d09dd871c608322fb2413e1a528d959ba133
.tls 0x35000 0x20 512 46b9901955e270f6a4cdf480e0106bfe fbcf811ef22293cb6e9fcc69506fb44c2623cd60
.reloc 0x36000 0x1344 5120 d2a3873622dea566749e0172baf63794 5de94ed018ba952f4ff2636032d227ff65f84c3d
  • API Alert
  • Anti Debug
  • PE Exports: 5r0snukhb-oebu-4523221
    • 0x403900
      cvdffxcdfsdxxzSaw
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Library
libgcc_s_dw2-1.dll
libgcj-16.dll
ddraw.dll
USER32.dll
MSVCRT.dll
WINMM.dll
ADVAPI32.dll
GDI32.dll
KERNEL32.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-09 03:57:09