MalScore
100/100
MalFamily
Razy

nbin.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 28/68 Related 2581
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 650.50 KB (666112 bytes)
Compile time: 1986-04-04 08:54:50
MD5: 7b3f6550abbf431ad7a2cf1dead5a0bb
SHA1: ef3f4654e1fc763c6d539c4b69191c31bcf2a931
SHA256: e26d3192c0d40fcca5eef462260316a7cb2e46023a0c963214cd2e6c4a885046
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2018-11-08 12:45:06
Last submission: 2018-11-08 12:45:06
Filename detected: - nbin.exe (1)
URL file hosting
hXXps://ougadikhalkhuntec.nl/jskdsk/nbin.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-11-07 09:25:50 [28/68] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xa1cd4 663040 6cd0b6abf11a809b6557c7ee8f47cd85 ed683120ef3ac07f949e83de4be7a9be63c3f740
.rsrc 0xa4000 0x670 2048 19e3ab7051f9340ce67f23107ba0e3ad dc3da785c397e3c4572799cea6a166b8ac3809a1
.reloc 0xa6000 0xc 512 b85001f053eea11814ff010202dd51e3 91b074efd7112ca4ece70ccbd17ff73647fd8475
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
mscoree.dll
IP Found
7.2.27.4
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven01b_64 Seven01b_64 VirtualBox 2018-11-08 12:37:10 2018-11-08 12:40:07 177

2 Behaviors detected by system signatures

Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven01b_64 Seven01b_64 VirtualBox 2018-11-08 12:37:10 2018-11-08 12:40:07 177

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2018-11-08 12:45:08

Detected family: #Razy

TheSystem Itself @ 2018-11-08 12:52:01