shao.jpg

File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 131.00 KB (134144 bytes)
Compile time: 2019-09-17 20:15:04
MD5: a3064ae3262154379ae5d6b5ee01c958
SHA1: e864a35892970609797f5bc37ff53d6fefda83a9
SHA256: d526be52d1477f5ffe910e198cd1880e8e9d3a5604971a395c39ccd5da0dd939
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 4 .text .sdata .rsrc .reloc
Directories 4 import resource debug relocation
First submission: 2019-09-18 08:57:08
Last submission: 2019-09-18 08:57:08
Filename detected: - shao.jpg (1)
URL file hosting
hXXp://hrpm.ca/hrExport/pos/shao.jpg
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-09-17 21:15:21 [10/68] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x1fb84 130048 70a656368ad3453554566398b1713cdc ae5ab19c3012137300dc027aa35e10d205f46492
.sdata 0x22000 0x2e8 1024 e67450bd5069f96dfce01f06448d6a06 6e5ecd3ca6b1588dde0e863fafe674a3ea3b82cc
.rsrc 0x24000 0x5f4 1536 bb33b5b921798e91426a36c4a340fffa e37ad1ba3072a156aec742e3ff87943f21ede141
.reloc 0x26000 0xc 512 6c34ddf5a6366b7d7f7b76e3f8378200 38b60aa22d810553107c8ff35705ec6d5515d9d6
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: Library
USER32.dll
mscoree.dll
GDI32.dll
KERNEL32.dll
IP Found
11.3.0.1
URL(s)
file:///

TheSystem Itself @ 2019-09-18 08:57:09