g.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 61/73 Related 2779
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 447.50 KB (458240 bytes)
Compile time: 2020-02-06 08:45:13
MD5: abb7d2d64ee38fb8fb9b0191126a280c
SHA1: c586ef2a76ce32d55cf213e56e377f05d8b0ab51
SHA256: c9276a78a7dfb0c9dd3f5c19c5da3c965e0e63ab9c02b6192edb2c7dc21e7b9d
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .reloc .rsrc
Directories 3 import resource relocation
First submission: 2020-04-05 12:51:04
Last submission: 2020-04-05 13:24:05
Filename detected: - g.exe (4)
URL file hosting
hXXps://fs12n5.sendspace.com/dlpro/26ff322b8a3f76791493c1914c9e8382/5e409e0b/rdul3d/g.exeVirusTotal
hXXp://fs12n1.sendspace.com/dlpro/7d6620756eb6d96cdd79d5222a950d65/5e40884d/rdul3d/g.exeVirusTotal
hXXps://fs12n2.sendspace.com/dlpro/c79533e3b4a9353aef1285309930ca5a/5e403837/rdul3d/g.exeVirusTotal
hXXps://fs12n2.sendspace.com/dlpro/b9c5235bb3049bbfc7d25856210dd47e/5e418c45/rdul3d/g.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-03-29 05:35:04 [61/73] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x675dc 423424 487d642d4660e3756b570b277bccb046 bf8e3822852a736f9a263c7d0e0d84172f69946f
.reloc 0x6a000 0xc 512 087da52681910103119c19cac311aebf 08de71c892516e68f69a4cd94457fd4e40810763
.rsrc 0x6c000 0x83b0 33792 27ff35af5fe6f5dc54fd3fcca6e51f82 18c7dba6af4339c3aee8be644211ced0f6aa6337
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
KERNEL32.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-04-05 12:51:06