tor.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 9147.78 KB (9367324 bytes)
Compile time: 1992-06-20 00:22:17
MD5: 8a886831f4de92c68b0afd67afd80791
SHA1: 782df9aed3f88ecaf11698ac3442ed81ea63cfd1
SHA256: 7c16a23f813a0268522c893720921f3eea8cd8b9e497c072cfd3e79cd60f446f
Import hash: aa9704deb6b7834930e0347f0fba7315
Sections 9 CODE DATA BSS .idata .tls .rdata .reloc .rsrc .rdata
Directories 4 import resource tls relocation
First submission: 2021-01-31 03:51:15
Last submission: 2021-01-31 03:51:15
Filename detected: - tor.exe (1)
URL file hosting
hXXp://205.185.125.104/files/tor.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 4 suspicious
Name VAddress VSize Size MD5 SHA1
CODE 0x1000 0x1dba3c 1948672 8361b0c352025f9a45e391570d7a5971 16c5dea4482d19bb6773a2a082ec394438bc65bb
DATA 0x1dd000 0x2984 10752 2cd0b90605f3bdd25fc1b11f9351e769 373d0475c49307d666713d5fd57ee305864963ed
BSS 0x1e0000 0x109d 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.idata 0x1e2000 0x34f4 13824 30a6b90e1abbffcff302f58cef405652 b70d3ae457e2f660ffdfe8f7764d3a570f0d42cd
.tls 0x1e6000 0x10 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
.rdata 0x1e7000 0x18 512 831fc4f5001b06e79da2c95980380e56 55168d4d88059f13b6996f5a8491def25514e707
.reloc 0x1e8000 0x18b98 101376 e50dd3ce797fcd7ab168f8fac5c64d92 14d185ddde2885c7de12200913c50b341d921267
.rsrc 0x201000 0x6fdbb 458240 d72d3b0a3c31685b5bce1aa1539cf12d 1e8e1422c4e1fb814d1a8edd8ff59c4cc1b4cc66
.rdata 0x271000 0x4e20f3e 81920512 d6964010eaab6d936a1736a0146f4b1b bb6fd46106f2ddb2f6f1b91091fe035e5a42c567
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Borland Delphi 3.0 (???)
Borland Delphi 4.0
Borland Delphi v3.0
Borland Delphi v6.0 - v7.0
BobSoft Mini Delphi -> BoB / BobSoft
File found
File type: Library
Failed to Save Stream=This control requires version 4.70 or greater of COMCTL32.DLL
Mapi32.dll
SHLWAPI.dll
USER32.dll
UxTheme.dll
comctl32.dll
ole32.dll
IMM32.dll
ADVAPI32.dll
GDI32.dll
gdiplus.dll
OLEAUT32.dll
KERNEL32.dll
riched32.dll
vcltest3.dll
VERSION.dll
SHELL32.dll
IP Found
No IP detected
URL(s)
ftps://
file://
http://
https://
ftp://


TheSystem Itself @ 2021-01-31 03:51:16