cpu32.exe

Is DLL Packer Anti Debug Anti VM Signed XOR Related 1
File details Download PDF Report
File type: PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
File size: 1101.00 KB (1127424 bytes)
Compile time: 2019-12-01 09:37:56
MD5: 50f04c7b102d3524f959b84e13605297
SHA1: 7fb5a33907859a490bdd643619cd685e79b4dd8e
SHA256: 04df1c52f97928dac4c3534d7d3911d3dee734bb25158667fe9af208aea1249e
Import hash: bc2507952c5954f0ae664ccf1c638c93
Sections 3 UPX0 UPX1 .rsrc
Directories 3 import resource tls
Anti Virtual Machine 1 Bochs & QEmu CPUID Trick
First submission: 2020-01-08 04:15:10
Last submission: 2020-01-08 04:15:10
Filename detected: - cpu32.exe (1)
URL file hosting
hXXp://s.vollar.ga:443/o/cpu32.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
UPX0 0x1000 0x364000 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
UPX1 0x365000 0x10d000 1101824 39b9edc03934d6411a6df16f223cc7eb 53f4208c035cf1c9001f4bb7129e4f40ef5a5fc9
.rsrc 0x472000 0x7000 25088 d7aff9f2172e715aa37dd258ade2540d c54fcbf098b25f88c1aa11506b1d11d60f3fb494
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
MSLRH V0.31 -> emadicius
UPX -> www.upx.sourceforge.net
File found
FIle type: Library
ADVAPI32.dll
USERENV.dll
WS2_32.DLL
MSVCRT.dll
IPHLPAPI.DLL
USER32.dll
KERNEL32.dll
SHELL32.dll
psapi.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-01-08 04:15:11