Please ensure you understand and agree with our data protection policy before using this site. Review Policy
Online Virus Checker | v.1.0.181.174 |
DB Version: | 2024-07-09 13:00:26 |
Packing is a common tactic used by malware authors to make their malicious code more difficult to analyze and detect by antivirus and security programs. These techniques involve compressing, encrypting, or otherwise altering the malware's code to make it appear different from its original form. The goal is to hide the true nature of the malware from security tools.
File | PanoCommand.dll |
Checked | 2024-07-09 10:15:16 |
MD5 | 6ad34fcad75074bbf0eb3ca654ff704b |
SHA1 | 8abcfa51224ca6ed7e0a8c904ec9979bc19843d5 |
SHA256 | dbf671c1520f919538b073708dd7ec84c7eeaeac0939441f986282aa1adff750 |
SHA512 | 9d699fb6ee0a8115dc698a53634e1eb8c751b6c703ab4a5a908e4c20fc6377dcf2c3d05c6661e7b5a923a9d5fdb8caf3ab3c779a6ab6ce899c043db688c3b974 |
Imphash | 60fcf104a34f14201db242ba8720de68 |
File Size | 3560980 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win64.Packed.ns without requiring further user intervention.
Comments | |
CompanyName | |
FileDescription | |
FileVersion | |
InternalName | |
LegalCopyright | |
OriginalFilename | |
ProductName | |
ProductVersion | |
Translation | 0x0409 0x04b0 |
Image Base: | 0x180000000 |
Entry Point: | 0x18092a000 |
Compilation: | 2020-11-16 15:23:38 |
Checksum: | 0x0036f1d5 (Actual: 0x0036e43e) |
OS Version: | 6.0 |
PEiD: | PE32+ executable (DLL) (console) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 13 |
Imports: | kernel32, PanoUnique, SHELL32, HighPoly, ole32, MSVCP140, VCRUNTIME140, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-convert-l1-1-0, |
Exports: | 47 |
Resources: | 2 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
0x00001000 | 0x0001639e | 0x000086c0 | 8f6b0f608a5a20f0c319071031c32e76 | 7.98 | |
0x00018000 | 0x0000ad5c | 0x00002c83 | a902ca20bbc94e6a8e37b99b8a49e952 | 7.93 | |
0x00023000 | 0x00000318 | 0x000000dc | f69f226a1eadaa74207b5d9a401ef5d3 | 6.95 | |
0x00024000 | 0x00000d74 | 0x0000078e | 3082db608ac8b5e7a5ac46921372ef08 | 7.69 | |
0x00025000 | 0x000004e8 | 0x00000262 | 8031435669e8d32f0a2ebf97cf75c31b | 7.64 | |
0x00026000 | 0x000000c0 | 0x000000bc | 6c3a0e99677234b18e3142bf59e83a18 | 6.27 | |
0x00027000 | 0x000003e8 | 0x00000081 | 0638c8fca48b6390376b4e92840f4cad | 6.48 | |
.exports | 0x00028000 | 0x00001000 | 0x00000e00 | bafbcb197d688244aa0230863f91dc8b | 5.34 |
.imports | 0x00029000 | 0x00001000 | 0x00000400 | 0e785ac11fee36335babe61e41d886e0 | 3.53 |
.rsrc | 0x0002a000 | 0x00001000 | 0x00000600 | 550c9baab95960dd8b309661f0642a34 | 3.24 |
.themida | 0x0002b000 | 0x005aa000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.boot | 0x005d5000 | 0x00355000 | 0x00355000 | db44ff591397f0b0401ba8ddd284d0c0 | 7.96 |
.taggant | 0x0092a000 | 0x00002200 | 0x00002014 | 5e387198b4ac27600b87d78974ee54c4 | 6.83 |