cars.gif

Is DLL Packer Anti Debug Anti VM Signed XOR
File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 6009.06 KB (6153280 bytes)
Compile time: 2020-09-11 16:56:19
MD5: f15c38ca92588c369b59dd4bcdba4523
SHA1: d53670808cde4d1a6eaf6a32e411801200625a9c
SHA256: aa20f571812d9d7b1ac6be9299235743ee819d35b4a92b9e3aa675deb4db13d5
Import hash: 1583e707225ef5ae502498ae2aba3c13
Sections: 5 (.text, .text2, .rdata, .data, .rsrc)
Directories: 3 (import, resource, security)
First submission: 2021-02-03 20:51:07
Last submission: 2021-02-03 20:51:07
Filename detected: - cars.gif (1)
URL file hosting
hXXps://asiagroup.in/cars.gif
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x21564 136704 21dda075f75df1b2b8a352537c047309 0982ddeb1db8c620be788efae460afc4ed88d16e
.text2 0x23000 0x82 512 5f200e7f6f296150361c6295dc470ddb d395654504a480ab34914fe57c52e2492f021be6
.rdata 0x24000 0x132 512 42fe8fe16495892d28dd73b69d65ab99 e8e18d27f55403b76d6bd59258f32ad420884158
.data 0x25000 0x592d7c 5844480 cde622b2df9009cb801aa23b0d055c98 2853953d6888bd0cc33f851f4fb7075b6fce81e5
.rsrc 0x5b8000 0x292bc 168960 fbf3484d664b151dcc99ba0aeded1770 28fc2ad97b22630d13a1ae54acb259e26a7cbee3
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
MD5: 370f8c9fece65e29d993d8567f7d1606
SHA1: 3f32b25a0cee71e5fdfa4bfbd8f2cd1e72abf8ce
Block Size: 1088
Virtual Address: 6152192
Packer(s)
Borland Delphi 3.0 (???)
File found
File type: Library
ADVAPI32.dll
KERNEL32.dll
IP Found
1.0.0.1
URL(s)
http://schemas.microsoft.com/SMI/2005/WindowsSettings
https://www.example.com/my_product/info.html0


TheSystem Itself @ 2021-02-03 20:51:09