wh.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 31/70 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 512.00 KB (524288 bytes)
Compile time: 2019-11-07 23:29:28
MD5: f2c71f9a2cd03ea3bc9d888c65370559
SHA1: 0302e97af56c32e32203f66d039d5cec96b7f471
SHA256: a4219f655ef0864c8abe4a695b4ac090b9ac614ce743d80ea21d2a6599d412d0
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-11-11 00:51:03
Last submission: 2019-11-11 00:51:03
Filename detected: - wh.exe (1)
URL file hosting
hXXp://fargroup.ir/images/wh.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-11-08 07:06:28 [31/70] VirusTotal
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x7f5c4 521728 105980b9468763aba3726b73eef00b5d af0be2feabce488e41e48fb89df1de6364ef951a
.rsrc 0x82000 0x600 1536 7b07ce89d0b46cbb93b181263ac3dafc c5489e10512e664dcae784fe6f0b1efb912a4c6f
.reloc 0x84000 0xc 512 a000b244ef7f5778a41254b6aa8bea13 a338a2310f2cf519d8ca31cb82ccae5e3f93cd63
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
7.3.0.1
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-11-11 00:51:05