ff.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 56/71 Related 2627
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 122.00 KB (124928 bytes)
Compile time: 2019-10-08 23:49:52
MD5: b3b4cbea2acb120296a6c1efa41864f5
SHA1: 8a00aa37e91ec6e2c28ba57420e258c30490bf95
SHA256: 8807f0a3af3037175db5e1f4dbf92a5e232bdad93005f8ae8582e89b10a815b4
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 2 .text .reloc
Directories 2 import relocation
First submission: 2019-10-21 03:57:04
Last submission: 2019-10-21 04:48:04
Filename detected: - ff.exe (2)
URL file hosting
hXXp://[www].gessuae.ae/wp-includes/fonts/ff.exeVirusTotal
hXXp://gessuae.ae/wp-includes/fonts/ff.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-10-18 07:18:25 [56/71] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x1e394 123904 6ce5c12dab6891133a26460efffee248 68215ce2adc38dbca31ad7f2a05ec2d506891122
.reloc 0x22000 0xc 512 34b2ec62ff11fa17ad0a0217c7b4eb20 861a06e931c85f4d31000127b7430fe498247a04
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-10-21 03:57:04