elb.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 52/70 Related 2772
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 282.00 KB (288768 bytes)
Compile time: 2019-12-03 22:40:51
MD5: ce8719677976b64bff146934cab496b1
SHA1: 8a053349a09f4afcc92b013ae6d1b76027d6cd28
SHA256: 1eeceb6053bc950b05bdd271ff3ddcdddbc3ea3e3babb5bf5fe641805039e266
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-12-10 11:39:04
Last submission: 2019-12-10 11:39:04
Filename detected: - elb.exe (1)
URL file hosting
hXXp://[www].teorija.rs/storage/framework/elb.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-12-09 16:03:34 [52/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x45d64 286208 782aedecc4d16fcc22aa783dd12983e6 e1e914841b769cf537497fc796511f771d3f38d2
.rsrc 0x48000 0x510 1536 dc3ac98167af6bdaf521f52ef544e079 96d66574d8051beaeeb0092744ad46d57de19cd8
.reloc 0x4a000 0xc 512 a99a06af05b020ad0ab9eba4c580cd2e 4f19155dbaab3583b8499314b1eee1b90f0294a1
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
psapi.dll
mscoree.dll
vaultcli.dll
IP Found
0.1.2.3
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-12-10 11:39:05