ernest.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 16/68 Related 2620
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 693.79 KB (710440 bytes)
Compile time: 1990-02-18 08:07:49
MD5: 581e38611dd24f3f2b090a3b16b4e677
SHA1: 3180021d173425e0a9bc5ac1a560555648b6b010
SHA256: ef181825831796f5c92f7456bbe94417a3f608c1cb30fc5312a1e4f6b256d45e
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource relocation security
First submission: 2019-08-25 06:30:07
Last submission: 2019-08-25 06:30:07
Filename detected: - ernest.exe (1)
URL file hosting
hXXp://jiraiya.info/ernest.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-08-21 22:53:50 [16/68] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xa9934 694784 d94a8a1ee8ef84a39d56224d641e1364 f8e1efd27184ea1622d2f0d7488a18b14dec6a7b
.rsrc 0xac000 0x5c4 1536 f08c7b0043634952e0d3bc7a0663e3a2 73d1b58ba3b2ae50d53fc8148b829dd9befb5d09
.reloc 0xae000 0xc 512 0953b74b79119986695b475c8095df6f 9a8bfe28b37aa28f0b90e1b37c67e53498a503ac
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
MD5: a6db4192465e95b0153cfee8b4acb7dd
SHA1: a8d6233a9bd7629e513f2db4d22007132d307cab
Block Size: 13096
Virtual Address: 697344
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
http://s.symcb.com/universal-root.crl0
http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
http://crl3.digicert.com/sha2-assured-cs-g1.crl05
http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
https://d.symcb.com/rpa0.
http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
https://d.symcb.com/cps0%
http://s.symcd.com06
https://d.symcb.com/rpa0@
http://ocsp.digicert.com0C
http://crl.thawte.com/ThawteTimestampingCA.crl0
http://ocsp.digicert.com0N
http://ocsp.thawte.com0
http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
http://ts-ocsp.ws.symantec.com0;
http://ts-ocsp.ws.symantec.com07
https://www.digicert.com/CPS0
http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<

#infosec #automation

TheSystem Itself @ 2019-08-25 06:31:09