win32e.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 34/71 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 304.00 KB (311296 bytes)
Compile time: 2019-11-11 23:48:50
MD5: 99e9002a35f7c5b0749c962b2e34e2a1
SHA1: 77989a4dadae17765825d989bb2805423b0ebb39
SHA256: 72e5dd14dd920e815b5b04baa89cc94b9cedb8a982e8f7c9a54b4bcd69021bbb
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-12 22:36:07
Last submission: 2019-11-12 22:36:07
Filename detected: - win32e.exe (1)
URL file hosting
hXXp://217.73.62.206/hqlw/win32e.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-12 14:55:43 [34/71] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x4b764 309248 fead4bc71bba68ff4b290545d2126a51 3b687ce3b89d665863e46df021b36d5d44e74527
.rsrc 0x4e000 0x308 1024 9aad8cde8473dcf7596a037aa13df945 7943db3f29ca1a02bd655d341e41957e844fb4da
.reloc 0x50000 0xc 512 e74ddec31274c0b7749e82b9f8513213 dc8b71a230f3904e2efafd15803787d20898b65b
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
mscoree.dll
psapi.dll
vaultcli.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-12 22:36:08