whe.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 47/71 Related 2726
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 519.00 KB (531456 bytes)
Compile time: 2019-11-04 21:57:59
MD5: efef0da6aac427057ed640e5569624f2
SHA1: d8e7e2215cca45dff347ae71fa8d03b59e4cc37e
SHA256: 832a3c6120a8a5f3f00ce8de17a9d81da51a986455d554344177afa71ddd27a2
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-11 00:48:05
Last submission: 2019-11-11 00:48:05
Filename detected: - whe.exe (1)
URL file hosting
hXXp://fargroup.ir/images/whe.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-07 16:03:26 [47/71] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x811f4 528896 97fc04396038ca4613e3d1ae0205c9aa 83880a662902381f8ee791b84b121f736cf2cf55
.rsrc 0x84000 0x600 1536 3929e4ce6e0f55c58892a009a5c40c23 2094a0c75e5832213400dcf531e9ab11d6a956a8
.reloc 0x86000 0xc 512 db19bbb97d3dcb54ce43536aedf361ed d6e4ddfd78d4ed39ee4d95431a403340dc75303f
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
1.9.0.1
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-11 00:48:06