ultimo.exe

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 2494.00 KB (2553856 bytes)
Compile time: 2019-10-06 17:54:30
MD5: adb8fff7300443c77ab4850014f1f946
SHA1: 6c45944eb73c64aa5cf7d004c7ca5eba0dd7b941
SHA256: 0c66db45073e1acd6bbfb05f365ea54dd574b96db6c8097ef33a4e50bcfed81d
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections: 3 (.text, .rsrc, .reloc)
Directories: 4 (import, resource, debug, relocation)
First submission: 2019-12-12 10:00:09
Last submission: 2019-12-12 10:00:09
Filename detected: - ultimo.exe (1)
URL file hosting
hXXps://[www].corph.in/ultimo.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-12-07 22:25:46 [51/69] VirusTotal
PE Sections (2 suspicious)
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x26ed1c 2551296 32060b47f377f4eb974c0f8b9bcbdc7f 4bddcc0845fdae320ce3f3293ea6e267b6ae3f9d
.rsrc 0x272000 0x5b8 1536 c4cede412285b46eb058f3cc27c63249 68327695ce4f55e1f22aef3b47c18de7fb4d0e55
.reloc 0x274000 0xc 512 ed306a50abb9fb6cd275fe90c47444e4 4ac51685a44c49d6627b1d4656cb03e1f1f90058
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: Log
thekeydata.log
File type: Text
Dbg.txt
File type: Library
USER32.dll
mscoree.dll
dwmapi.dll
WINMM.dll
File type: Web Page
http://moscow11.at/mailo/get.php
IP Found
No IP detected
URL(s)
https://www.banorte.com/
http://www.w3.org/1999/02/22-rdf-syntax-ns#
http://moscow11.at/mailo/get.php
http://ns.adobe.com/xap/1.0/mm/
http://ns.adobe.com/xap/1.0/sType/ResourceRef#
http://ns.adobe.com/xap/1.0/

TheSystem Itself @ 2019-12-12 10:00:11