hqpi64.exe

Is DLL Packer Anti Debug Anti VM Signed XOR Related 2643
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 660.50 KB (676352 bytes)
Compile time: 2019-03-12 15:02:39
MD5: 6995e574182cc7eaaae1c45fc44a87d9
SHA1: a9d119812aa9f8d7fe0248f519261cbfafba46ba
SHA256: c242bfb6aa6d47087d77d25955bd48a5421fb0353049828ec99d44e119874b7a
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
Anti Virtual Machine 1 VMware trick
First submission: 2019-04-12 17:34:46
Last submission: 2019-04-12 17:34:46
Filename detected: - hqpi64.exe (1)
URL file hosting
hXXp://gestomarket.co/hqpi64.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xa45a4 673280 b98a49a195375e9eca6e3f51c9bc6ff8 d66ae93c3fc64a77605f131a5eba4435c53621ac
.rsrc 0xa8000 0x800 2048 5be3d728b70e5168e89db55df5e848fb 51a9e9ffe35e19fb794811fb59f7f7385ac997ec
.reloc 0xaa000 0xc 512 0c84ddbebe73c021c49dd38e69f559c9 82ec44b0aea9b25af6e27c76789101b1f2e4f44a
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-04-12 17:34:47