MalScore
100/100
MalFamily
Disttrack

MaintenaceSrv32.exe

Indicators: Is DLL | Packer | Anti Debug | Anti VM | Signed | XOR | AntiVirus 44/71
File details
File type: PE32 executable (console) Intel 80386, for MS Windows
File size: 1851.00 KB (1895424 bytes)
Compile time: 2011-11-28 16:50:59
MD5: de07c4ac94a50663851e5dabe6e50d1f
SHA1: df177772518a8fcedbbc805ceed8daecc0f42fed
SHA256: c3ab58b3154e5f5101ba74fccfd27a9ab445e41262cdf47e8cc3be7416a5904f
Import hash: 53e316887bac4e36b2dfef0e711a3d8e
Sections: 5 (.text, .rdata, .data, .rsrc, .reloc)
Directories: 3 (import, resource, relocation)
First submission: 2018-12-14 10:23:10
Last submission: 2018-12-14 10:23:10
Filename detected: - MaintenaceSrv32.exe (1)
URL file hosting
Antivirus Report
Report date: 2018-12-12 15:00:01
Detection ratio: 44/71
Permalink: VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x1e553 124416 0e1b06143ae3142e6a0c3c45d9583348 2ef4563f4ee946060023372c2f7edfe8c328d5f6
.rdata 0x20000 0x6114 25088 81b4f693000445c6e48b2f531e60b116 7a0a7f5e00085b59e143291edf3e7ae2f0cda84d
.data 0x27000 0xc6c4 39936 b98138c3291ed8593569728d432c5bbe 0d67cfcdb900e994ed1c3d77d960aeecc38c9ab4
.rsrc 0x34000 0x19d88c 1694208 e4ec46293f6c8ce5dedc73ac9a153075 bc5185644ad4b3f14f783449a2af36c43703fc71
.reloc 0x1d2000 0x2942 10752 c3c307ad75c37db8cba6d515fecbdc01 9f990bbda8fe359c5fe8ca5d9a75b99bd01fb731
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
File type: Database
/Y.dB
File type: Library
WUSER32.DLL
nKERNEL32.DLL
mscoree.dll
ADVAPI32.dll
Netapi32.dll
WS2_32.DLL
GDI32.dll
USER32.dll
KERNEL32.dll
WINMM.dll
SHELL32.dll
IP Found
No IP detected
URL(s)
No URL found
Behavior analysis details
Machine name: Seven05b_64
Machine label: Seven05b_64
Machine manager: VirtualBox
Started: 2018-12-14 10:14:18
Ended: 2018-12-14 10:17:18
Duration: 180

5 Behaviors detected by system signatures

3 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles

Read Keys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

kernel32.dll.FlsAlloc
kernel32.dll.FlsGetValue
kernel32.dll.FlsSetValue
kernel32.dll.FlsFree

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

Detected family: #Disttrack

TheSystem Itself @ 2018-12-14 10:28:02