66dd2c2d3b88f_opera.exe

First submission 2024-09-28 01:17:03

File details

File type: PE32+ executable (GUI) x86-64, for MS Windows
Mime type: application/x-dosexec
File size: 10897.0 KB (11158528 bytes)
Compile time: 2024-09-08 06:44:29
MD5: 079d166295bafa2ab44902c8bf5ff2a5
SHA1: 46e728a035c3fd9618f823a5d0b525a9aa22e1c1
SHA256: dbe5fb6a6d567628f7982723f21869f68508397ee6926116554aef37789014d8
Import Hash : 3fac356340f08f787f93cbf317f090cd
Sections (10): .text .rdata .data .pdata .00cfg .tls .text0 .text1 .text2 .rsrc
Directories (3): import, resource, tls

File features detected

Is DLL (conflicts with the file type above, PE32+ executable (GUI); treat this flag with caution)
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 58/77 (VT report date: 2024-09-17 22:28:23)
Malware Type (2): trojan, miner
Threat Type (3): vmprotect, bfkey, privateloader

URLs, FQDN and IP indicators (1)

URL (defanged)                                        Host (FQDN/IP)    Date Added
hXXp://147.45.44.104/lopsa/66dd2c2d3b88f_opera.exe    147.45.44.104     2024-09-28 01:17:04

PE Sections (10 listed, 9 flagged suspicious)

Name    VAddress   VSize     Size (raw)  SHA1                                      MD5
.text   0x1000     0x8136    0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.rdata  0xa000     0x1eb8    0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.data   0xc000     0xc9e788  0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.pdata  0xcab000   0x180     0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.00cfg  0xcac000   0x10      0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.tls    0xcad000   0x10      0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.text0  0xcae000   0x2a6b38  0           da39a3ee5e6b4b0d3255bfef95601890afd80709  d41d8cd98f00b204e9800998ecf8427e
.text1  0xf55000   0x58      512         afc4ecd579c5520626a9a01cd8edb28a1fb19ace  4ac71777059f0f153e826943bbe58c1d
.text2  0xf56000   0xa737e0  10958848    4bc4ffebd700acd3023f30c6a54ebeb6dd350674  be4dae63d3be9ff055b373171be851fd
.rsrc   0x19ca000  0x304d8   198144      0df5594b15735ed45f00a72c44e07b3879b8e1be  20242037f5ee925ec85527c7d26da6d9

Note: the first seven sections have a raw size of 0, so their SHA1 and MD5 values are simply the digests of zero-length input (the tool hashed no bytes); they do not indicate identical content. The original .text, .rdata and .data carry no bytes on disk at all, while .text2 holds almost the entire file: the code and data that run are written into the empty sections at runtime, so static analysis of this file on disk yields little and a memory dump after the stub has executed is the practical starting point.
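The following is an added example, not part of the report or of any tool the report references. It applies the section-table heuristics a reviewer would run on a sample like this one: zero-raw-size sections, digests of empty input, non-standard section names, one section holding most of the file, in-memory image far larger than the file, and overlay detection. The rows are the ones from the table above; the 1024-byte header size is an assumption (it is the value that makes the raw sizes sum exactly to the reported file size), and the thresholds and the list of expected section names are my own choices.

```python
# Added example: section-table heuristics applied to the "PE Sections" rows
# above. Not part of the report; the 1024-byte header size, the thresholds
# and COMMON_NAMES are assumptions.
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Section:
    name: str
    vaddr: int      # VAddress column
    vsize: int      # VSize column
    raw_size: int   # Size column (bytes actually present on disk)
    sha1: str
    md5: str


FILE_SIZE = 11158528  # "File size" field of the report

# Rows copied from the PE Sections table of the report.
SECTIONS = [
    Section(".text",  0x1000,    0x8136,   0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".rdata", 0xa000,    0x1eb8,   0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".data",  0xc000,    0xc9e788, 0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".pdata", 0xcab000,  0x180,    0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".00cfg", 0xcac000,  0x10,     0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".tls",   0xcad000,  0x10,     0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".text0", 0xcae000,  0x2a6b38, 0,        "da39a3ee5e6b4b0d3255bfef95601890afd80709", "d41d8cd98f00b204e9800998ecf8427e"),
    Section(".text1", 0xf55000,  0x58,     512,      "afc4ecd579c5520626a9a01cd8edb28a1fb19ace", "4ac71777059f0f153e826943bbe58c1d"),
    Section(".text2", 0xf56000,  0xa737e0, 10958848, "4bc4ffebd700acd3023f30c6a54ebeb6dd350674", "be4dae63d3be9ff055b373171be851fd"),
    Section(".rsrc",  0x19ca000, 0x304d8,  198144,   "0df5594b15735ed45f00a72c44e07b3879b8e1be", "20242037f5ee925ec85527c7d26da6d9"),
]

EMPTY_SHA1 = hashlib.sha1(b"").hexdigest()
EMPTY_MD5 = hashlib.md5(b"").hexdigest()

# Section names a stock MSVC-linked Windows image is expected to carry (assumption).
COMMON_NAMES = {".text", ".rdata", ".data", ".pdata", ".00cfg", ".tls", ".rsrc",
                ".reloc", ".idata", ".edata", ".bss", ".CRT", ".gfids"}


def is_empty_hash(s: Section) -> bool:
    """True when the listed digests are those of zero-length input, i.e. the
    tool hashed no bytes because the section has no data on disk."""
    return s.sha1 == EMPTY_SHA1 and s.md5 == EMPTY_MD5


def zero_raw_sections(sections):
    """Sections that occupy address space but contribute no file bytes. The
    loader zero-fills them, so whatever they hold at runtime is written by
    a stub; a zero-raw .text means no original code exists on disk."""
    return [s for s in sections if s.vsize > 0 and s.raw_size == 0]


def unusual_names(sections):
    return [s.name for s in sections if s.name not in COMMON_NAMES]


def dominant_section(sections, file_size, threshold=0.9):
    """(name, fraction) of the section holding most of the file, or None."""
    s = max(sections, key=lambda x: x.raw_size)
    frac = s.raw_size / file_size
    return (s.name, frac) if frac >= threshold else None


def overlay_bytes(sections, file_size, header_size=0x400):
    """File bytes not covered by headers plus section raw data; > 0 means
    an overlay is appended after the last section."""
    return file_size - header_size - sum(s.raw_size for s in sections)


def image_size(sections):
    """End of the highest section in memory (VAddress + VSize)."""
    last = max(sections, key=lambda s: s.vaddr)
    return last.vaddr + last.vsize


def findings(sections, file_size, header_size=0x400):
    out = []
    zr = zero_raw_sections(sections)
    if zr:
        out.append(f"{len(zr)} section(s) with VSize > 0 but raw size 0: "
                   + ", ".join(s.name for s in zr))
    if any(is_empty_hash(s) for s in zr):
        out.append("listed digests for those sections are the hashes of empty input")
    if names := unusual_names(sections):
        out.append("non-standard section names: " + ", ".join(names))
    if dom := dominant_section(sections, file_size):
        out.append(f"{dom[0]} holds {dom[1]:.1%} of the file")
    ratio = image_size(sections) / file_size
    if ratio > 2:
        out.append(f"in-memory image is {ratio:.1f}x the file on disk")
    ov = overlay_bytes(sections, file_size, header_size)
    if ov > 0:
        out.append(f"{ov} bytes of overlay after the last section")
    return out


if __name__ == "__main__":
    for line in findings(SECTIONS, FILE_SIZE):
        print("-", line)
```

On this sample the checks report seven zero-raw sections whose digests are those of empty input, the non-standard names .text0/.text1/.text2, .text2 holding about 98% of the file, an in-memory image roughly 2.4 times the file size (driven by the 0xc9e788-byte virtual .data), and no overlay. Run against a real file the same functions apply unchanged once the rows are read from the section table with a PE parser.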

PE Resources (3)

Name           Language      Sublanguage         Offset     Size
RT_ICON        LANG_ENGLISH  SUBLANG_ENGLISH_US  0x19f9cf0  1128
RT_GROUP_ICON  LANG_ENGLISH  SUBLANG_ENGLISH_US  0x19fa158  132
RT_VERSION     LANG_ENGLISH  SUBLANG_ENGLISH_US  0x19fa1e0  760

Meta infos (9)

LegalCopyright: Copyright 2024 Google LLC. All rights reserved.
ProductVersion: 128,0,6613,120
CompanyName: Google Chrome
FileTitle: chrome_exe
FileVersion: 128,0,6613,120
FileDescription: Google Chrome
Translation: 0x0409 0x04e4
LegalTrademark:
ProductName: Google LLC

Note: the version resource copies Google Chrome 128.0.6613.120 strings, but CompanyName and ProductName are swapped relative to a genuine Chrome build (Google LLC is the company, Google Chrome the product). Version info is free-form metadata that any builder can set and is not evidence of origin. The "Signed" feature flag above only records that a signature is present; whether the Authenticode chain validates to a trusted publisher has to be checked separately.

Strings analysis - File found

Type         String
Linker File  ?:.lNk
Library      MSVCRT.dll
Library      KERNEL32.dll

Import functions

No imported functions are listed in the report. The row below has the columns of a sample entry (file name, last-seen date, MD5), not of an import, and describes another file:

Name                      Latest seen          MD5
66f904cda3b3f_fusion.exe  2024-09-29 10:21:06  6e1953433d891db10790aafcced19b30