SquR

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
File size: 480.18 KB (491703 bytes)
Compile time: 2020-02-06 22:12:52
MD5: e3b50e6407d22f7dfd215592df716a3f
SHA1: e6860430647e568b0760ec4c4dabeffbc3b6d0d8
SHA256: aa0cbe599839db940f6cc2f4ca1383dbb9937b8c7dd6460847c983523cd63c39
Import hash: 3d529fe0f26207e984ca58c4482ecf88
Sections: 3 (UPX0, UPX1, .rsrc)
Directories: 3 (import, resource, relocation)
First submission: 2020-03-22 02:21:08
Last submission: 2020-03-25 08:21:05
Filename detected:
- Hz (1)
- 6xEQD (1)
- SquR (1)
URL file hosting
hXXps://[www].kaiwangdian.com/wp-includes/Hz/
hXXp://janusblockchain.com/oauth/6xEQD/
hXXp://tepcian.utcc.ac.th/wp-admin/SquR/
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-03-13 00:23:05 [62/72] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
UPX0 0x1000 0x7e000 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
UPX1 0x7f000 0x42000 269824 27786f10e2b496686282087bc71a08f9 5f4501bb2b2aa0bd279c98e871fc11468c7dabf6
.rsrc 0xc1000 0x36000 220672 7dcf8b8c638029d2ff77dc68a16ecadf babea3c361a898def1c11c34fbe5e17a38285636
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
UPX v0.80 - v0.84
UPX 2.90 (LZMA)
UPX -> www.upx.sourceforge.net
File found
File type: Library
ADVAPI32.dll
GDI32.dll
SHELL32.dll
OLEAUT32.dll
SHLWAPI.dll
KERNEL32.dll
comdlg32.dll
ole32.dll
comctl32.dll
USER32.dll
IP Found
1.0.0.1
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-03-22 02:21:10