UEFIVAR.EXE

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 23/68 Related 2714
File details Download PDF Report
File type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 328.50 KB (336384 bytes)
Compile time: 2017-11-22 16:59:56
MD5: d35996a70e4f9aa44cc559453e18106e
SHA1: ae2d1c9e4de66a80b9edc9059e0aba60dd9d638e
SHA256: a3211f56cd04ca5d258e99b3cca9a535324b31464ad2579f44476da3ff644abd
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-05 11:27:04
Last submission: 2019-11-05 11:27:04
Filename detected: - UEFIVAR.EXE (1)
URL file hosting
hXXps://gist.githubusercontent.com/Zibri/19f9838ffd12349bb2c6c3afddc9388f/raw/01977fd3c7e036c3a38f062f626fd189ba1e1aa3/UEFIVAR.EXEVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-03 10:30:42 [23/68] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x50a34 330752 9ae1cb0c4ddd226f47d2337bcd9ecd32 847b9cabfd075ccfc82cf06b27e937771cab257f
.rsrc 0x54000 0x1058 4608 eecef29bc6c3651ef40838045814a204 495e332c898e881a0d96127902abe40bd26e4a67
.reloc 0x56000 0xc 512 03552935da80950603aa6b84a26a1068 d4ab25de21b036c1a22a50221527202f1de47c89
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
http://schemas.microsoft.com/SMI/2005/WindowsSettings
http://www.zibri.org

#infosec #automation

TheSystem Itself @ 2019-11-05 11:27:05