MalScore
100/100
MalFamily
Malicious

GCQ2V2.jpg

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 345.00 KB (353280 bytes)
Compile time: 1997-07-29 13:51:37
MD5: b4f7d6c32fd88f6f0743eb92dead9508
SHA1: 148dc196a6c47cf25e09b626d061c9ea1d5ba531
SHA256: 08812395ae9ee8cced9280aa0da4186a06d69e9bc2a1aef970ca383f504a4779
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 5 F82-jJ5, .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2018-12-07 08:54:03
Last submission: 2018-12-07 08:54:03
Filename detected: - GCQ2V2.jpg (1)
URL file hosting
hXXps://f.coka.la/GCQ2V2.jpg
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-11-29 07:30:06 [19/68] VirusTotal
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
F82-jJ5, 0x2000 0x2bcfc 179712 76c365ff9d367917ae059586880825aa e8cd2d157c7d447e7489ee19ec013c54f004814a
.text 0x2e000 0x295f0 169472 635dee5e36f97e82601b9145e629c544 232a1d3c7f387f747db4cba763e9de71aa4170a0
.rsrc 0x58000 0x640 2048 6a19398676f93fc6d725d2df09872ee8 7d1a67b0b960cacffe28e386474638512d85063b
.reloc 0x5a000 0xc 512 8e315e7289dfe45e8ab44953ac185ce8 616b8665282e75dd3263da67f62ab20d4a31bf60
0x5c000 0x10 512 69236fc4d474f9dc27c6056d7b8cdb51 f523ffbb2f491a434124bf751255c6cec06eca1a
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Library
KERNEL32.dll
mscoree.dll
IP Found
13.11.19.2
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven01b_64 Seven01b_64 VirtualBox 2018-12-07 08:45:23 2018-12-07 08:48:19 176

1 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2018-12-07 08:54:06

Detected family: #Malicious

TheSystem Itself @ 2018-12-07 08:58:02