DCALC_UPDATE.EXE

Is DLL Packer Anti Debug Anti VM Signed XOR
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 5816.00 KB (5955584 bytes)
Compile time: 2007-07-23 19:28:54
MD5: 6de8d69b4baff53375d96a967ee4fb0b
SHA1: 9b8adf41c85b3d1d35f3ac03cd6a4c16b8ed3190
SHA256: 7c75cc45e294fa3e886e229985867eb7b9cbb0e019c2c25dbd1b2078797f36c9
Import hash: 7ba723b64d17f7a384fbe9ed1b0583ff
Sections 5 .text .rdata .data .rsrc _winzip_
Directories 3 import export resource
First submission: 2020-10-21 14:51:07
Last submission: 2020-10-21 14:51:07
Filename detected: - DCALC_UPDATE.EXE (1)
URL file hosting
hXXps://[www].dcalc.us/Downloads/DCALC_UPDATE.EXEVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0xdf48 57344 c0cbeb4bd0c0bc6c096d32fedde08ec1 a5ea8fdb1897d6ef4d860ce4a8968a98223ebabb
.rdata 0xf000 0x28c2 12288 0003eb269e4fba9108a1f441c3909727 3beed34a93370e3434167483c9c7df9dc15fe52d
.data 0x12000 0x6344 8192 bd0f8386746fbd34aff0408173fcadf3 208d000db9108dbe4ae60c4606d8b327733cbfb6
.rsrc 0x19000 0x93a8 40960 d60fb549a37a484b24cec57cb5fdd16d 334cf40592ce49d7ec54627f8c831aad2342c945
_winzip_ 0x23000 0x590000 5832704 cae9881b8d863ce2ecf78dd1c4aecc1d 87889cea4a0bad5ddf21fd6b946db335921f3cb8
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
FIle type: Log
ST6UNST.LOG
FIle type: Data
POTBRGS.DAT
FIle type: Library
ADVAPI32.dll
SHELL32.dll
USER32.dll
KERNEL32.dll
mscoree.dll
comctl32.dll
GDI32.dll
FIle type: Web Page
UpdatePage.php
IP Found
No IP detected
URL(s)
http://www.winzip.com

#infosec #automation

TheSystem Itself @ 2020-10-21 14:51:08