windrr.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 38/70 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 1377.73 KB (1410792 bytes)
Compile time: 2019-11-06 10:53:03
MD5: df6d5e08ce43828353f5bdc43b44c795
SHA1: ee702cb54c3b6dd6f8f9e055a357f19b6ea8053c
SHA256: 7d3799901b4031fdaea0e2e1c0822b1183766d12405039fd75d48344db61ab73
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-09 09:03:08
Last submission: 2019-11-09 09:03:08
Filename detected: - windrr.exe (1)
URL file hosting
hXXp://securefiless-001-site1.ftempurl.com/windrr.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-07 18:02:48 [38/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x26f34 159744 55b1327eb027917f774d70479ea91a6a 9f4d49b5cb501982e6f18bc78c898f715a67ce84
.rsrc 0x2a000 0x108712 1083392 38b3c2d4546e1949c49b3d87ca8b8bfb 5951ef4979107a70315fcffa1b333e149483e771
.reloc 0x134000 0xc 512 72ac68900678b2b0624aae949de83494 d4cb6790a1ad8ea60e9cb15f2670825df1e4f017
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
fff.dll
mscoree.dll
KERNEL32.dll
IP Found
6.9.0.114
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-09 09:03:09