Is DLL
Packer
Anti Debug
Anti VM
Signed
XOR
AntiVirus 55/71
|
File details
Download PDF Report
|
| File type: |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
| File size: |
396.36 KB (405874 bytes) |
| Compile time: |
2019-12-16 01:50:53 |
| MD5: |
671c2e2710c301a026919308026c7865 |
| SHA1: |
2b36ae436a477b786d336ecdb36965d0c745843e |
| SHA256: |
d451f6bc38ae71eccde50310507a91527714d64bec4aa4cdba613983a75145e1 |
| Import hash: |
24f4223e271413c25abad52fd456a9bc |
| Sections 5 |
.text��� .rdata�� .data��� .ndata�� .rsrc��� |
| Directories 2 |
import resource |
| First submission: |
2020-05-19 09:57:03 |
| Last submission: |
2020-05-19 09:57:03 |
| Filename detected: |
- binr.image (1)
|
| URL file hosting |
|---|
hXXp://ucto-id.cz/binr.image |
| Antivirus Report |
|---|
| Report Date |
Detection Ratio |
Permalink |
Update |
| 2020-05-05 06:37:37 |
[55/71] |
|
|
| PE Sections 1 suspicious |
|---|
| Name |
VAddress |
VSize |
Size |
MD5 |
SHA1 |
| .text��� |
0x1000 |
0x647b |
26112 |
126ee0e9857c3dd1da49a87c83cf68a5 |
f65cebd2228855df2300c368c3e156f7edd302e0 |
| .rdata�� |
0x8000 |
0x1384 |
5120 |
c0b38cbc803107c82ebed5a1c15c1ffa |
fad2994138bbc3babd5296377d77e474f5e0a874 |
| .data��� |
0xa000 |
0x20358 |
1536 |
9e607f846cdaf2d9c5b82d7d05f433ac |
953f98bd2d88fdfdc86797d52c1ea7f30349a180 |
| .ndata�� |
0x2b000 |
0x11000 |
0 |
d41d8cd98f00b204e9800998ecf8427e |
da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| .rsrc��� |
0x3c000 |
0x16b0 |
6144 |
d38eae1a21ab1c933b8450e610e2d36c |
c36a84f9bd978ca37e382f91287dc83e32ac322b |
| File found |
| FIle type: Library |
| %s%s.dll |
| ADVAPI32.dll |
| SHELL32.dll |
| comctl32.dll |
| ole32.dll |
| USER32.dll |
| GDI32.dll |
| KERNEL32.dll |
| URL(s) |
| http://nsis.sf.net/NSIS_Error |
#infosec #automation
TheSystem Itself @ 2020-05-19 09:57:05