rFZyvo

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 55/72 Related 2
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 428.10 KB (438376 bytes)
Compile time: 2020-01-21 17:45:37
MD5: f1a273feca493d6b1d3a531f6767ca0f
SHA1: 0d5509f6b3971024072d0ab7f4058a30d7a32b7a
SHA256: 596a749bb43812707e5b39f71630b66778a0402025a43a78a2ccc456b2867cec
Import hash: c028bc9e2cfabf4597f192c72133e79a
Sections 4 .text .rdata .data .rsrc
Directories 3 import resource debug
Anti Virtual Machine 1 VMCheck.dll
First submission: 2020-02-17 23:12:07
Last submission: 2020-02-17 23:12:07
Filename detected: - rFZyvo (1)
URL file hosting
hXXp://sda-suisse.ch/administrator/rFZyvo/VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2020-02-03 23:25:13 [55/72] VirusTotal
PE Sections 0 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x3eb40 258048 856c70d7b02e4e8d622945341b36e51e 27238059457eef9992fc80e4b102919364d86dbe
.rdata 0x40000 0xc05c 53248 a7180d59ca2c534d5b1ed8a886de1c0d d376392be942a969b963ec7c82ca3e3d1232ee5d
.data 0x4d000 0x151c4 16384 64a2c43e81378cf71c36c298fe37c5b0 5c8126e1cb9c8f70a53b54ef34307f705a29a7d3
.rsrc 0x63000 0x19bc8 106496 fffd26dde6ae35580e9fc8779cae279f e5c195543fa530206e3110195db488dfc3b04e06
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C++ 8
VC8 -> Microsoft Corporation
File found
FIle type: Log
%s.log
%s_%d.log
FIle type: Library
crypt32.dll
ntdll.dll
KERNEL32.dll
ADVAPI32.dll
OLEAUT32.dll
comdlg32.dll
USER32.dll
comctl32.dll
mscoree.dll
ole32.dll
GDI32.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2020-02-17 23:12:08