MalScore
100/100
MalFamily
Alman

Webber.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 488.00 KB (499712 bytes)
Compile time: 2013-02-17 10:16:36
MD5: 68e5bc64d08b0784740dbf9a7cde0f79
SHA1: ab36b8af5b779fca351bf9d001a8af3290e98bfc
SHA256: 116837d546b45b6218844bb705a9f138e8f565ded4f4ae2e3e8883d5bd8dc9cf
Import hash: f104ac2dcd7a1649a1483cca9a378ced
Sections 4 .text .rdata .data .rsrc
Directories 2 import resource
First submission: 2019-02-11 19:21:07
Last submission: 2019-02-11 19:21:07
Filename detected: - Webber.exe (1)
URL file hosting
hXXp://down.eebbk.net/ddjsoftware/Webber.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-01-29 12:42:33 [62/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x5e875 389120 7d209b1f518fe23582f036e2f8133fb0 292010173b45eddddd774362c1581f8e6d60e338
.rdata 0x60000 0x7574 32768 8c698c9dea75dded32ef99bd8cd230d3 b88bdd3c76b8a90223866e817fa4486026d4a4ff
.data 0x68000 0x1e558 28672 2cac2c7d4663b565661498a5cafd0cd4 601e058d10d27072dd36fc2a129e56a6d6bd6246
.rsrc 0x87000 0xa6bf 45056 c95db822bef71b5e417b4f0ae93cdd6b e2d9269bd4e50ae69f57770fbb6b4390aba3d587
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Library
WININET.dll
USER32.dll
MSVCP60.dll
MFC42.DLL
sqlite3.dll
KERNEL32.dll
MSVCRT.dll
WSOCK32.dll
IP Found
No IP detected
URL(s)
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven05b_64 Seven05b_64 VirtualBox 2019-02-11 19:10:27 2019-02-11 19:13:27 180

1 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2019-02-11 19:21:10

Detected family: #Alman

TheSystem Itself @ 2019-02-11 19:26:02