whe.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 30/61 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 305.50 KB (312832 bytes)
Compile time: 2019-11-10 22:03:32
MD5: 46c4f99f1928e4e80dd0ca77ac30b6d8
SHA1: 6bd67be1abfdd8b5e7ee5e23611f92fac2d27351
SHA256: ad7a31bbfbf8cbff6a1779f37f009f3d1f6cad3f657973e4d88a084054904bc1
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-12 00:06:03
Last submission: 2019-11-12 00:06:03
Filename detected: - whe.exe (1)
URL file hosting
hXXp://fargroup.ir/images/files/whe.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-11 07:03:14 [30/61] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x4ba84 310272 6231fd8d9454e6c8aab4ed98cafb4438 0f372c2b445b5f515eb0f35d1e9c8ca55a8df372
.rsrc 0x4e000 0x508 1536 9a6385e821846c6c1b2fbc2424a6b45f 6764056d5dc3c89695801dc167b7d606cd84e3d8
.reloc 0x50000 0xc 512 4d9201e6d8baf4414c558fde387d14ad 19d5405a4f2fc3e2ab84a8d594e1ad7872074f67
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
psapi.dll
mscoree.dll
vaultcli.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-12 00:06:04