5789

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 348.00 KB (356352 bytes)
Compile time: 2020-07-29 17:23:49
MD5: 70b77359660a164f6737ad3300bad5d4
SHA1: 452ecb8e054aba136cff6b1cfe230f6007861272
SHA256: 8fe13eb7220ce809b09fe4343505206f954c8b1e3ad649e7961fc4a2f7c9dbd9
Import hash: 72b3528e45595fafbd5f24ce92204592
Sections 4 .text .rdata .data .rsrc
Directories 2 import resource
Anti Virtual Machine 1 VMCheck.dll
First submission: 2021-01-08 19:24:10
Last submission: 2021-01-08 19:24:10
Filename detected: - 5789 (1)
URL file hosting
hXXp://robertsinclair.net/videos/5789/VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 0 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x36dd6 225280 bbcdfa73f9c1fc381d626a3db71763e0 bb86cf7e801aa71515356b9819a6a7660935e243
.rdata 0x38000 0xd59e 57344 236fc9c46bbcef7132da7bd9355a8a26 54306c248b2eab3b78bcc031e2677afe0183041f
.data 0x46000 0x5ef4 12288 efb4d7e5f0ef50b626082df835ba984e d81d326c5622c0ab097326ee69b1863397db65ae
.rsrc 0x4c000 0xda84 57344 f83d41bc61db407c9fc0d957edddb467 3c9510af4d8c9620883d5c6d049892fcec67a338
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ v7.0
Armadillo v2.xx (CopyMem II)
Microsoft Visual C++ 7.0
File found
File type: Object
hhctrl.ocx
File type: Library
nlsbres.dll
USER32.dll
ADVAPI32.dll
SHLWAPI.dll
SHELL32.dll
KERNEL32.dll
OLEAUT32.dll
oledlg.dll
ntdll.dll
comdlg32.dll
%s.dll
comctl32.dll
mscoree.dll
OLEACC.dll
ole32.dll
GDI32.dll
IP Found
No IP detected
URL(s)
file://

TheSystem Itself @ 2021-01-08 19:24:11