yaa.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 52/71 Related 2627
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 122.50 KB (125440 bytes)
Compile time: 2019-10-08 00:37:07
MD5: fa94e348babc6c9d0feaf30f6808fa62
SHA1: b5ae65280e82885ee0bdb296db73cf35ec529614
SHA256: 72a9c61451232641d2a044a1f4774fed933c58f6dc2884becdf0b4bd1de95ac2
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 2 .text .reloc
Directories 2 import relocation
First submission: 2019-10-21 03:33:03
Last submission: 2019-10-21 04:24:04
Filename detected: - yaa.exe (2)
URL file hosting
hXXp://[www].gessuae.ae/wp-includes/fonts/yaa.exeVirusTotal
hXXp://gessuae.ae/wp-includes/fonts/yaa.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-10-15 09:04:27 [52/71] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x1e484 124416 bb257d6021c1b9700cc2742f8d1c4fa2 793bd954a134ab7180838a2ca4f97399d5c00dc9
.reloc 0x22000 0xc 512 592577192cb2d520fbd50ea311d151a3 76a3de4296d053d246c2549df3be4bf7ae9c5a29
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-10-21 03:33:03