20190410125938

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 36/66 Related 2135
File details Download PDF Report
File type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 6.00 KB (6144 bytes)
Compile time: 2019-04-10 18:59:48
MD5: fa4a414fafc8d6d2b5d8eac7aecbbfbc
SHA1: 7d0852d921f5992ca58976f2e442517d82ea7fe9
SHA256: 0d0600ee16330c059dec36ab01709bf402b829bcde1ebde583ccad42ee83845e
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-04-15 20:39:03
Last submission: 2019-04-15 20:39:03
Filename detected: - 20190410125938 (1)
URL file hosting
hXXp://c2.howielab.com/C2/Agent/20190410125938VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-04-12 18:03:41 [36/66] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0xd74 3584 05a7449338e48ed21222d7da2075180c 500d994a0b3c8ce6a6ce938a46b0a8639df95511
.rsrc 0x4000 0x4f0 1536 14937cd20b6895f3d9b94934a2beba0b b0e4402a21c1e6133bc94b5293ffa01551da1886
.reloc 0x6000 0xc 512 889ad770e5e1bbc30f73e05ba06c6cf0 d63418826083b74167022e74c75cf27ef53f8045
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Text
systeminfo.txt
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
http://c2.howielab.com/C2/Upload/20190410125938
http://c2.howielab.com/C2/Command/20190410125938

#infosec #automation

TheSystem Itself @ 2019-04-15 20:39:04