ff.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 36/71 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 466.50 KB (477696 bytes)
Compile time: 2019-11-05 22:16:39
MD5: 7f9a4bc57bdf4e05a446da4039d70dfc
SHA1: 326792c0c5d80b78a9e0629211b46b47a60717e7
SHA256: 870ab8bf5354abf9984aef88db4e058dd873e8eef90e1909b3480cdd81cdde56
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-11 01:30:03
Last submission: 2019-11-11 01:30:03
Filename detected: - ff.exe (1)
URL file hosting
hXXp://fargroup.ir/images/ff.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-06 07:28:43 [36/71] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x73ed4 475136 eee064d818c50f50d2745acb98d0ce14 de6526807d41a25b643380ea85f18d81e9d485c6
.rsrc 0x76000 0x600 1536 7a4ad2ac610c9a3b7d998098547246e5 45e60d26eb14e22f1d9cb602ef7728ea3ff44e21
.reloc 0x78000 0xc 512 bd9ac65a64a8cb4573e5da7cbe8735ed a48dfe340ef05eea5f30d894401f96032591c6cf
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
1.9.0.1
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-11 01:30:05