appupdui_01.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 1303.30 KB (1334584 bytes)
Compile time: 2019-08-22 04:54:25
MD5: cacde94fca1c59da4d068c2b19169ac6
SHA1: d500534054c7f0994b355e2380ee7edbd6eaa0b2
SHA256: e1555425e363bb8e9fd172f5609dea4cddedba88fdfcee4430d9e5f953f55ef8
Import hash: 27b7cf8a9476e9d4d16161fae91c106c
Sections 7 .text .rdata .data .gfids .tls .rsrc .reloc
Directories 6 import resource debug tls relocation security
Anti Virtual Machine 1 VMCheck.dll
First submission: 2019-09-07 11:24:12
Last submission: 2019-09-07 11:24:12
Filename detected: - appupdui_01.exe (1)
URL file hosting
hXXp://download.zjsyawqj.cn/jjbq/appupdui/v1.0.8.22/appupdui_01.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-09-03 06:53:47 [38/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0xe0123 918016 b246b8e023e2fd42bd3f208e07bc2727 2e1e0e8781618fb3416344a6af7ec28c2c472d28
.rdata 0xe2000 0x31e58 204800 1b612848cafff36b5f23265d754492ff de5191627ab47e006a0a75f7ac280f23712991e9
.data 0x114000 0x3c54 9216 9498f748e40f70ca2fbe7a063b09b3b2 e71fab159a4ee51bb03299d0fe5d6c5f8ff56a67
.gfids 0x118000 0x1d8 512 313032a82c6cb405b3dccd0f8d32de98 5f120c29e1c8ceb45380474bb14df53a670b347b
.tls 0x119000 0x9 512 1f354d76203061bfdd5a53dae48d5435 aa0d33a0c854e073439067876e932688b65cb6a9
.rsrc 0x11a000 0x245e8 148992 6742b970dd2db0dd722d845cb20e8345 386920838f00a77a5f1811dcacfdbad72a2c3a32
.reloc 0x13f000 0xbbb0 48128 a370cb2dadf3c41246be41f287c3e8a9 57d6994591b41137aac58a2da2a6af5ed59a0fac
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
MD5: 5cfca6af2451bf6b44789530f5c30f3b
SHA1: bf0cc512869b30b4be4450343d19fd96f3e4ed8b
Block Size: 3384
Virtual Address: 1331200
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
File type: XML
menu_%s.xml
ads.xml
%s.xml
appupdui.xml
File type: Library
mscoree.dll
MSIMG32.dll
KERNEL32.dll
USER32.dll
DMsftedit.dll
ADVAPI32.dll
SHLWAPI.dll
OLEAUT32.dll
IMM32.dll
WININET.dll
WS2_32.DLL
WLDAP32.dll
SHELL32.dll
comctl32.dll
ole32.dll
gdiplus.dll
urlmon.dll
GDI32.dll
IP Found
1.0.0.1
127.0.0.1
URL(s)
http://crl.globalsign.com/gsextendcodesignsha2g3.crl0
ftp://%s:%s@%s
https://www.globalsign.com/repository/0
file://
http://myip.ipip.net
http://secure.globalsign.com/cacert/gsextendcodesignsha2g3ocsp.crt0
http://ocsp2.globalsign.com/rootr306
file://hostname/,
http://ocsp2.globalsign.com/gsextendcodesignsha2g30U
https://curl.haxx.se/docs/http-cookies.html
http://crl.globalsign.com/root-r3.crl0b
ftp://

TheSystem Itself @ 2019-09-07 11:24:14