Is DLL
Packer
Anti Debug
Anti VM
Signed
XOR
|
File details
Download PDF Report
|
| File type: |
PE32 executable (GUI) Intel 80386, for MS Windows |
| File size: |
688.00 KB (704512 bytes) |
| Compile time: |
2020-07-27 23:26:59 |
| MD5: |
f56987a8c88d04e4fe00cbb94d897a2e |
| SHA1: |
c7d44f5c147e642fa89017544f9d1b88f2f45ddc |
| SHA256: |
b996f03f0a68fd77b1dd23a2069700c03c83e38f8649d37063b0b69c06001366 |
| Import hash: |
4f055c6d104f67955b2fc107928fe0dc |
| Sections 4 |
.text��� .rdata�� .data��� .rsrc��� |
| Directories 3 |
import resource debug |
| First submission: |
2021-01-07 20:30:08 |
| Last submission: |
2021-01-07 20:30:08 |
| Filename detected: |
- pnfil354257 (1)
|
| URL file hosting |
|---|
hXXp://[www].richardkellogg.com/wp-admin/pnfil354257/ |
| Antivirus Report |
|---|
| Report Date |
Detection Ratio |
Permalink |
Update |
| No report available |
|
| PE Sections 1 suspicious |
|---|
| Name |
VAddress |
VSize |
Size |
MD5 |
SHA1 |
| .text��� |
0x1000 |
0x7854f |
495616 |
020744f9529603910b1db00bbf6adbed |
5abf97decd6c8900e2cf63b84b48a2ee8f0ca832 |
| .rdata�� |
0x7a000 |
0x1da46 |
122880 |
64311f6d9d71bc5a729449a5f3a0ad29 |
f0e8667498940a8396e9dc7322220c50c1e46883 |
| .data��� |
0x98000 |
0xf508 |
49152 |
4b0431a762dac0361388f4de5ebc71cb |
032c68905c1adddd2a9c6df9289ceac1f3f997b7 |
| .rsrc��� |
0xa8000 |
0x73c8 |
32768 |
9ce6a7493944dde905c0deecf70c7232 |
34d73c4bde763b87314782e283aecc8c5fc4dc5c |
| File found |
| FIle type: Object |
| hhctrl.ocx |
| FIle type: Library |
| USER32.dll |
| ADVAPI32.dll |
| SHLWAPI.dll |
| SHELL32.dll |
| KERNEL32.dll |
| OLEAUT32.dll |
| oledlg.dll |
| ntdll.dll |
| comdlg32.dll |
| %s.dll |
| mfcm80.dll |
| mscoree.dll |
| OLEACC.dll |
| comctl32.dll |
| ole32.dll |
| GDI32.dll |
| URL(s) |
| http://www.ucancode.net |
| http://www.ucancode.net/Products/free%20product/colorpicker.htm |
#infosec #automation
TheSystem Itself @ 2021-01-07 20:30:09