1.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 225.50 KB (230912 bytes)
Compile time: 2018-10-12 17:27:43
MD5: b968084b436e0a385bd38daa995131f4
SHA1: cd3157241c2956e53b860a67becec668f8b4a679
SHA256: 9a69076780906aa3f5bcba356a893ef9b8269284e83197c84bb5eda1dd39e7c9
Import hash: 39b1f78d067603274800471f7b389c03
Sections: 5 (.text, .rdata, .data, .rsrc, .reloc)
Directories: 4 (import, export, resource, relocation)
First submission: 2019-11-09 05:54:06
Last submission: 2019-11-09 05:54:06
Filename detected: - 1.exe (1)
URL file hosting
hXXp://nitish4x.xyz/1.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-08 03:56:38 [49/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0xd9eb 55808 83812333282d1f04086740bfd9c66b9d a31f450f0c1892608f640326c7354bd1c00278fb
.rdata 0xf000 0x1698a 92672 cdf28f462535cb499d0782440c91c744 5bd1f3ec84d3819bed1cdbfb8cbe2e4501887c80
.data 0x26000 0xd5620 21504 ab60960af402e4f29636752d3bacc588 18f077cd6252109b0fe2614ac552c10efb31d8fc
.rsrc 0xfc000 0xd450 54784 75909bdb7ed8acb7a71011490484fc0b c1d5efb1ecbd083760c310618fdaef3826097052
.reloc 0x10a000 0x120c 5120 0b94f40440e0c9721c599d8fb70f7c10 3d999f088f2ef3dfb1c6f800252206a80a5816e0
  • API Alert
  • Anti Debug
  • PE Exports: 1.exe
    • 0x40e980
      @MyFunc124@4
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
File found
File type: Library
mscoree.dll
USER32.dll
KERNEL32.dll
ADVAPI32.dll
IP Found
1.0.4.4
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-09 05:54:07