FreeDiscordNitro.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 36/69 Related 2714
File details Download PDF Report
File type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 76.00 KB (77824 bytes)
Compile time: 2019-11-11 01:57:45
MD5: 717d2a0d39fc224427ec3e4dcfd3bffe
SHA1: 6d719337f97c91777f0818383b0fa47e390c47f3
SHA256: 8f7638e33a8f873f11b09155b21e87069a1499785b1fb4e4eb011eb36ad6ea14
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource debug relocation
First submission: 2019-11-18 20:15:03
Last submission: 2019-11-18 20:15:03
Filename detected: - FreeDiscordNitro.exe (1)
URL file hosting
hXXps://cdn.discordapp.com/attachments/643600184579850271/643601185462288395/FreeDiscordNitro.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-16 13:44:02 [36/69] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x1a54 7168 44426af1129039b5c10263adc2bbe7d2 3c032062ffdbb56ca6681935af5a48900c1b167b
.rsrc 0x4000 0x10e70 69632 7386385147b303b2dbfb25f9c6240faa f8c99f6db017ac80e66e419b9d0ccbac175e0a6f
.reloc 0x16000 0xc 512 b87a985be2149fe920e4e22543f2d2e4 43d4536c7e04fca22ed8cbd74766c2225e7ad99f
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
51.77.201.42
URL(s)
https://discord.gift/
http://51.77.201.42
https://discordapp.com/api/webhooks/643226057910124564/Vln1O-f4NI7gwmbzkBKI9J27QHDmDFDDKWheIPFuR7RkhFRNQBjs_y2Z735Y-jBEUAoq
https://discordapp.com/api/webhooks/643133281272987650/2PPJ2xcVfNrs22RUjCK4SxON2byQ_AYzAS3NsC0TubioVgBX1YutFEMwOiQNxl5lpFMe
http://51.77.201.42/kysapi?message=

#infosec #automation

TheSystem Itself @ 2019-11-18 20:16:04