MalScore: 50/100
MalFamily: Emotet

0kuev1

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 243.57 KB (249414 bytes)
Compile time: 2020-01-22 18:36:37
MD5: 78511e75db3e5e9bc5d06234bac00b96
SHA1: 421066202c9060d7a44f33749083dc71e8861746
SHA256: d2423c1458d847e92668c2ab83d1572940b5384830ae141ced8e564cd78f9c5c
Import hash: 4ddbf6d7dca6fa2386714a7569cf0855
Sections: 4 (.text, .rdata, .data, .rsrc)
Directories: 2 (import, resource)
First submission: 2020-02-14 17:06:13
Last submission: 2020-02-14 17:06:13
Filename detected: - 0kuev1 (1)
URL file hosting
hXXp://csdnshop.com/wp-admin/0kuev1/
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x1f4bb 131072 fff4e6148e0337a561f4985565b43687 e28a8962366895edc2b0d162967fbd5c665d2068
.rdata 0x21000 0x7d8e 32768 f9824eb5fe98c71d708e596db902e465 a1f8169e1b4a34cedeb0cc548300dc3b449cb43e
.data 0x29000 0x5254 8192 ae8196c9b8de52a4f8892ae7cae09287 d8cc22a14e72938db3775e373398e7b009c3d32d
.rsrc 0x2f000 0x13b48 81920 ae6f39d61a5c74a25777aa1a1b30a766 f1b1d6e1587a841f7cdb18de242e5dd99affcba8
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ v7.0
Armadillo v2.xx (CopyMem II)
Microsoft Visual C++ 7.0
File found
File type: Object
hhctrl.ocx
File type: Text
testfile.txt
File type: Library
ntdll.dll
KERNEL32.dll
crypt32.dll
USER32.dll
ADVAPI32.dll
SHELL32.dll
OLEAUT32.dll
comdlg32.dll
%s.dll
comctl32.dll
SHLWAPI.dll
mscoree.dll
OLEACC.dll
ole32.dll
GDI32.dll
IP Found
No IP detected
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven04_64 Seven04_64 VirtualBox 2020-02-14 17:04:10 2020-02-14 17:04:35 25

1 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2020-02-14 17:06:22

Detected family: #Emotet

TheSystem Itself @ 2020-02-14 17:09:02