setpagetools.exe

Is DLL Packer Anti Debug Anti VM Signed XOR
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 302.50 KB (309760 bytes)
Compile time: 2020-05-26 05:20:37
MD5: 51f949c34b9b9c61e504d6fcc875f57c
SHA1: 698603480f9586968495e0b77a4d85714aef4f3d
SHA256: 509dc3a8cc644ed8efba1bbb706cbec79389c34523bf2dae2b81a53518561805
Import hash: b321100a3df2a0145d25801eaa0ed387
Sections 5 .text .rdata .data .rsrc .reloc
Directories 4 import resource debug relocation
Anti Virtual Machine 2 VMCheck.dll Bochs & QEmu CPUID Trick
First submission: 2020-06-25 17:48:08
Last submission: 2020-06-25 17:48:08
Filename detected: - setpagetools.exe (1)
URL file hosting
hXXp://download.xp666.com/xzqswf/setpagetools.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 0 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x3b8ef 244224 e7e7a4bb804441f278f89ef1ecfcdf9e 8201ff5a2fe07a4de5cb8319555f2c1d7f761f88
.rdata 0x3d000 0xc1d4 49664 129d4489de9e44ec7fcda314c3791a51 2cb87cd7e7134c35bc1ae0da63f2b7d5ae67848f
.data 0x4a000 0x2bfc 1024 ce6045dedce0c63e180b7e6581eb0cdd d9bbc7b90675348d3086dcfb8884c0b10af44212
.rsrc 0x4d000 0x78c 2048 d0cbb40c09649e82da245ef333977f21 16e72689477cbe0065ad4847f76364fe66ccf78d
.reloc 0x4e000 0x2d3a 11776 926754a4a81b5e6b241967b848978fe6 55d5a83f0a5762bf5ce4deec0fb7a49e1748887c
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
FIle type: Library
SHLWAPI.dll
SHELL32.dll
WS2_32.DLL
USER32.dll
ADVAPI32.dll
msvcr100.dll
ole32.dll
KERNEL32.dll
WLDAP32.dll
IP Found
No IP detected
URL(s)
http://360.dh820.com
http://curl.haxx.se/docs/http-cookies.html
ftp://%s:%s@%s
http://xz.qd588.cn/config.ini
file://
http://www.2345.com.dh810.com/%d.html
ftp://
http://daohang.qq.com.dh810.com/%d.html

#infosec #automation

TheSystem Itself @ 2020-06-25 17:48:09