Cz3Y

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 49/71 Related 2
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 252.25 KB (258308 bytes)
Compile time: 2020-01-22 18:39:15
MD5: af9bdf0c0fff01cd42a3688e60d8e50a
SHA1: 6b1d629c3125701b2e4beac13ef43e228e333bb3
SHA256: 975367587828b8938097a66d8ec671e932bec7c1a90933fc9e345f04c4edb14b
Import hash: 4ddbf6d7dca6fa2386714a7569cf0855
Sections 4 .text .rdata .data .rsrc
Directories 2 import resource
First submission: 2020-02-16 08:36:06
Last submission: 2020-02-16 08:36:06
Filename detected: - Cz3Y (1)
URL file hosting
hXXp://intranet.pagei.gethompy.com/wp-includes/Cz3Y/VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-01-27 11:19:37 [49/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x1f4bb 131072 fff4e6148e0337a561f4985565b43687 e28a8962366895edc2b0d162967fbd5c665d2068
.rdata 0x21000 0x7d8e 32768 f9824eb5fe98c71d708e596db902e465 a1f8169e1b4a34cedeb0cc548300dc3b449cb43e
.data 0x29000 0x5254 8192 ae8196c9b8de52a4f8892ae7cae09287 d8cc22a14e72938db3775e373398e7b009c3d32d
.rsrc 0x2f000 0x13f48 81920 aef8f6e60ab4b6dc77b0306398c84589 c6e75aafeec643208cb65f7cedbf3f7d0d99c7b4
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ v7.0
Armadillo v2.xx (CopyMem II)
Microsoft Visual C++ 7.0
File found
FIle type: Object
hhctrl.ocx
FIle type: Text
testfile.txt
FIle type: Library
crypt32.dll
ntdll.dll
KERNEL32.dll
USER32.dll
ADVAPI32.dll
SHELL32.dll
OLEAUT32.dll
comdlg32.dll
%s.dll
comctl32.dll
SHLWAPI.dll
mscoree.dll
OLEACC.dll
ole32.dll
GDI32.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-02-16 08:36:08