4366Game_cqsja.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, Nullsoft Installer self-extracting archive
File size: 4973.95 KB (5093328 bytes)
Compile time: 2016-04-02 05:20:05
MD5: fffd75b23c81c3b7be5e09affa830db7
SHA1: 0086cfb7b7f3d164fc4705a42c1a55c4b5e14ab3
SHA256: e91a69ccaca53fd85da494a714687ec207b478a75031affff71e2fd90390cf6d
Import hash: 2b6c5f95f7bf33472bbe1fa2f8decb72
Sections: 3 (UPX0, UPX1, .rsrc)
Directories: 3 (import, resource, security)
First submission: 2020-11-20 07:12:12
Last submission: 2020-11-20 07:12:12
Filename detected: - 4366Game_cqsja.exe (1)
URL file hosting
hXXp://cgameres.game.yy.com/cgame/lobby4366/4366Game_cqsja.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
UPX0 0x1000 0x3b000 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709
UPX1 0x3c000 0x5000 18432 50484dac174c4397cd803ebe8a4b232f a56890b6a4d9bba544123705ff80e71681c5b80a
.rsrc 0x41000 0xe000 55808 ae79302b0aa02c8561fb624721ea3838 02a6f1f4c87ab22a365eb2350dd27cfe663f96dc
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
MD5: 1fb177192a825b1463925caf047331e5
SHA1: d01406d033eae95058058732801272c9dc0f5e18
Block Size: 3304
Virtual Address: 5090024
Packer(s)
UPX -> www.upx.sourceforge.net
File found
File type: Library
ADVAPI32.dll
SHELL32.dll
USER32.dll
KERNEL32.dll
comctl32.dll
ole32.dll
GDI32.dll
'32.dll
IP Found
3.0.0.20
URL(s)

TheSystem Itself @ 2020-11-20 07:12:13