whe.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 49/71 Related 2780
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 282.50 KB (289280 bytes)
Compile time: 2019-12-03 22:15:35
MD5: 7c34e94799cc96f478c73c5b23e88a9d
SHA1: f19ffd20aead6447b583c22a2202d218d0dfb12c
SHA256: 30c57cdd7c8950abc20fc1279e9723fa7a5d42b81bae616fdaf8ede70e558dae
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-12-10 11:00:04
Last submission: 2019-12-10 11:00:04
Filename detected: - whe.exe (1)
URL file hosting
hXXp://[www].teorija.rs/storage/framework/whe.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-12-06 16:03:55 [49/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x45e04 286720 fa02f662dfd93e468b4181e241bf00ec e9e1d790e8aa589222628bade25de3701426ca03
.rsrc 0x48000 0x520 1536 3189fd577de609855d8ff84089a0b53b 15f0d6d2ddcfe773cc3f2df98cfef6216cd9e23c
.reloc 0x4a000 0xc 512 5c6b7d91f4838cce9e0ecf8cec251e0a 1e13629587fe8a2bd187c78711b7ba74e8fe21ae
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
psapi.dll
mscoree.dll
vaultcli.dll
IP Found
0.1.2.3
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-12-10 11:00:05