MalScore
100/100
MalFamily
Msilperseus

GetDataAVK.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 41/71 Related 2135
File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 664.50 KB (680448 bytes)
Compile time: 2019-01-15 08:59:17
MD5: 9ce1045ed9b9d6753b47de8cde9b3b4b
SHA1: 4735c7d7e5276785c702757d2600ceee1878d08e
SHA256: 5a274d3417c13272df73e3c5338c8f54c6a96dd6604550e6cf7934c0b55b2d9f
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource debug relocation
Anti Virtual Machine 1 VMCheck.dll
First submission: 2019-01-25 23:51:08
Last submission: 2019-01-25 23:51:08
Filename detected: - GetDataAVK.exe (1)
URL file hosting
hXXp://[www].cnim.mx/v1/plugins/media/GetDataAVK.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-01-25 21:12:16 [41/71] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xa5684 677888 b348998d3910b6d2e2bb7cc08139fc60 0ebcf60180081db0e70da19854038703e548bdac
.rsrc 0xa8000 0x5e0 1536 f2f5213193a0536d76ff46bf94e00306 5905720494a4d8eb610fd57ce33fc985d0b606e9
.reloc 0xaa000 0xc 512 126fe078b2e12218f279bef236373a6d 7fde792619bea7d5c62db1d5a3632ffaea161646
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: Email
independentsoft.pst
*.pst
File type: Compressed
https://www.mql5.com/ru/articles/download/69/system_data_sqlite.zip
System.Data.SQLite.zip
File type: Text
debug.txt
File type: Library
sqlite3.dll
costura32.sqlite3.dll
MSVCR80.dll
mscoree.dll
crypt32.dll
KERNEL32.dll
File type: Web Page
http://jkadshjkjads.online/mail/get.php
IP Found
No IP detected
URL(s)
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven03b_64 Seven03b_64 VirtualBox 2019-01-25 23:40:59 2019-01-25 23:43:55 176

6 Behaviors detected by system signatures