appupdui_01.exe

Is DLL Packer Anti Debug Anti VM Signed XOR Related 1
File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 1303.30 KB (1334584 bytes)
Compile time: 2019-07-19 08:55:06
MD5: 778d52b2a0869163415794cd2b0edaa6
SHA1: 9eb8558a368caad186ae10c6b0b41e7f0d996a13
SHA256: 362c11dadee745906d6e26c191f47e7c3c3d5e174663eaf8ec170663c1ed256d
Import hash: 27b7cf8a9476e9d4d16161fae91c106c
Sections 7 .text .rdata .data .gfids .tls .rsrc .reloc
Directories 6 import resource debug tls relocation security
Anti Virtual Machine 1 VMCheck.dll
First submission: 2020-10-17 04:27:09
Last submission: 2020-10-17 04:27:09
Filename detected: - appupdui_01.exe (1)
URL file hosting
hXXp://download.exrnybuf.cn/jianya/appupdui/v1.0.7.19/appupdui_01.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0xe0123 918016 231c547a922eef4b681ed02442e82146 8adb84bf282c70510585ad88b2a0a136357e4733
.rdata 0xe2000 0x31e58 204800 f00074ffb2d48ccfb1a0fa60938e3f92 881046fd5f6b64ae852e2991672f128e0911e59d
.data 0x114000 0x3c54 9216 9498f748e40f70ca2fbe7a063b09b3b2 e71fab159a4ee51bb03299d0fe5d6c5f8ff56a67
.gfids 0x118000 0x1d8 512 313032a82c6cb405b3dccd0f8d32de98 5f120c29e1c8ceb45380474bb14df53a670b347b
.tls 0x119000 0x9 512 1f354d76203061bfdd5a53dae48d5435 aa0d33a0c854e073439067876e932688b65cb6a9
.rsrc 0x11a000 0x245e0 148992 4009cb8443e7b3ff2498f5e33b9e0408 a135b18216f7981e66c0e7b36765ff9672207a42
.reloc 0x13f000 0xbbb0 48128 61cc368b8a423241a139ec9efa33f88e 488e927f14f77a77287c287029388185d1d3c8c3
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
MD5: cd6d78fd67dac3abe6a1359d01fc7232
SHA1: f8ccadf51b57c34ee7eb8cda1eaffa1018647b1c
Block Size: 3384
Virtual Address: 1331200
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
File type: XML
menu_%s.xml
ads.xml
%s.xml
appupdui.xml
File type: Library
mscoree.dll
MSIMG32.dll
KERNEL32.dll
USER32.dll
DMsftedit.dll
ADVAPI32.dll
SHLWAPI.dll
OLEAUT32.dll
IMM32.dll
WININET.dll
WS2_32.DLL
WLDAP32.dll
SHELL32.dll
comctl32.dll
ole32.dll
gdiplus.dll
urlmon.dll
GDI32.dll
IP Found
1.0.0.1
127.0.0.1
URL(s)
http://crl.globalsign.com/gsextendcodesignsha2g3.crl0
ftp://%s:%s@%s
https://www.globalsign.com/repository/0
file://
http://myip.ipip.net
http://secure.globalsign.com/cacert/gsextendcodesignsha2g3ocsp.crt0
http://ocsp2.globalsign.com/rootr306
file://hostname/,
http://ocsp2.globalsign.com/gsextendcodesignsha2g30U
https://curl.haxx.se/docs/http-cookies.html
http://crl.globalsign.com/root-r3.crl0b
ftp://


TheSystem Itself @ 2020-10-17 04:27:11