Encrypt.exe

File details
File type: PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
File size: 1228.76 KB (1258253 bytes)
Compile time: 1970-01-01 01:00:00
MD5: 780199e7b9c57c9db6c4fe1737d5d56a
SHA1: aba0007a8a184b6e14aa526b5eafad8894cd0ef4
SHA256: 77cb43110ad6752663aed8e3a27a33a73b289246ed875561e3c139dae9ef397a
Sections 14 .text .rdata .data /4 /19 /32 /46 /63 /80 /99 /112 /124 .idata .symtab
Directories 1 import
First submission: 2020-08-26 14:18:13
Last submission: 2020-08-26 14:18:13
Filename detected: - Encrypt.exe (1)
URL file hosting
hXXp://[www].ukks.net/controls/Encrypt.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 0 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0xd8ca8 888320 aa1660927217650d67e428109322ce4b c49f8508ef7428cea4c1b8da66f804a695561ec9
.rdata 0xda000 0x1052a6 1070080 62a4c601b50686c80b2355d070211e75 57bc5aedb56f072301464465d8176abc46cc4060
.data 0x1e0000 0x35a58 98816 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/4 0x216000 0x114 512 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/19 0x217000 0x1f3b0 128000 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/32 0x237000 0x852f 34304 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/46 0x240000 0x2bbd 11264 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/63 0x243000 0x3c98 15872 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/80 0x247000 0x22 512 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/99 0x248000 0x39d97 237056 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/112 0x282000 0x1fabb 130048 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
/124 0x2a2000 0xb0d3 45568 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.idata 0x2ae000 0x416 1536 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.symtab 0x2af000 0x2e8d9 190976 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Log
8.log
File type: Library
l32.dll
I32.dll
*syscall.DLL
IP Found
No IP detected
URL(s)
https://www.bestbitcoinexchange.io
https://localbitcoins.com/buy_bitcoins
https://www.coindesk.com/information/how-can-i-buy-bitcoins
https://t.me/filedecrypt002internal
https://drive.google.com/file/d/1L1qeBgY_AfjYVgO8FEZsViJxK4TBWXZI/view
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven04_64 Seven04_64 VirtualBox 2020-08-26 14:14:09 2020-08-26 14:14:31 22

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display


TheSystem Itself @ 2020-08-26 14:18:15