vcruntime140.dll

First submission 2024-02-08 16:42:32

File details

File type: PE32 executable (DLL) (console) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 54.58 KB (55886 bytes)
Compile time: 2019-07-18 23:54:04
MD5: 49fb600fb33ed0a1a4158d2c641a0804
SHA1: 6605c2f666179fc303f56d5f8fd7bc5bbaae7303
SHA256: fde2e0da6daac5cd8cb9d5dd99eaa0f0dde6895a3b1bccfaaebc738dd832bb92
Sections 5 .text .data .idata .rsrc .reloc
Directories 6 import export resource debug relocation security
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://91.206.178.118/a9d06ea3fe859ab7/vcruntime140.dll VirusTotal Report 91.206.178.118 VirusTotal Report 2024-02-08 16:42:33

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0xdcf4 56832 51390500771635758b9deae89d6f3a328f297c95 f45db1a808ad919629ec2a8bc0e2d795
.data 0xf000 0x5f4 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.idata 0x10000 0x584 1536 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x11000 0x400 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.reloc 0x12000 0xa10 3072 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e

Packers detected 1

AHTeam EP Protector 0.3 (fake PCGuard 4.03-4.15) -> FEUERRADER

File signature

MD5 SHA1 Block size Virtual Address
d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 16880 64000