MalScore
100/100
MalFamily
Malicious

nvc1.exe

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 1390.00 KB (1423360 bytes)
Compile time: 1986-03-24 06:37:52
MD5: c64fc94b2587878c01378ff3fcef6b3c
SHA1: 3212115cf069e8ac1f49bff510cb9fd26eacc97c
SHA256: cd7a19dc7bcd702ba91fd8b3d9ab1bb1cbc55759178afdeaea12421f21488c30
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 4 .text .sdata .rsrc .reloc
Directories 3 import resource relocation
Anti Virtual Machine 1 Virtual Box
First submission: 2018-11-30 16:57:05
Last submission: 2018-11-30 16:57:05
Filename detected: - nvc1.exe (1)
URL file hosting
hXXp://bonheur-salon.net/wp-content/uploads/nvc1.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-11-29 21:43:20 [48/70] VirusTotal
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x14fb34 1375232 e98fb768c53623da50713939543cb815 02985e83353913e50652d5f2429406de11eb9c7c
.sdata 0x152000 0xad8c 44544 c1a38119a0d889171df97650796a39f3 a89ad4e4a2682327db5586981605663a3b43df6e
.rsrc 0x15e000 0x630 2048 414d4d06e362ee8d8b4d625b6ac2ba4f 08e3ffae55473a5bd059f8e7d565e68fcdccb774
.reloc 0x160000 0xc 512 4eda42f7599c79712fd3f8dc3e219e53 a7b506b470168e56eb9d9f7ce3f27c53d029be47
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: Library
mscoree.dll
IP Found
10.4.27.2
URL(s)
file:///
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven05b_64 Seven05b_64 VirtualBox 2018-11-30 16:48:35 2018-11-30 16:51:35 180

2 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2018-11-30 16:57:22

Detected family: #Malicious

TheSystem Itself @ 2018-11-30 17:06:02