cpu32.exe

File details
File type: PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
File size: 1101.00 KB (1127424 bytes)
Compile time: 2019-12-01 09:37:56
MD5: 796458c2e47b309cb8de15c3a3011906
SHA1: 0811b21080dd09b0fc80d56ba3d0732dd98b32e0
SHA256: 3d023861e931c429890ade94ce364c039f62287c8121921c4da5186a55013f83
Import hash: bc2507952c5954f0ae664ccf1c638c93
Sections (3): UPX0, UPX1, .rsrc
Directories (3): import, resource, tls
Anti Virtual Machine (1): Bochs & QEmu CPUID Trick
First submission: 2020-01-08 04:33:11
Last submission: 2020-01-08 04:33:11
Filename detected: - cpu32.exe (1)
URL file hosting
hXXp://112.216.100.210:443/o/cpu32.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-01-06 02:27:30 [47/70] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
UPX0 0x1000 0x364000 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
UPX1 0x365000 0x10d000 1101824 39b9edc03934d6411a6df16f223cc7eb 53f4208c035cf1c9001f4bb7129e4f40ef5a5fc9
.rsrc 0x472000 0x7000 25088 d7aff9f2172e715aa37dd258ade2540d c54fcbf098b25f88c1aa11506b1d11d60f3fb494
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
MSLRH V0.31 -> emadicius
UPX -> www.upx.sourceforge.net
File found
File type: Library
ADVAPI32.dll
USERENV.dll
WS2_32.DLL
MSVCRT.dll
IPHLPAPI.DLL
USER32.dll
KERNEL32.dll
SHELL32.dll
psapi.dll
IP Found
No IP detected
URL(s)
No URL found

TheSystem Itself @ 2020-01-08 04:33:13