66dd2c2d3b88f_opera.exe
First submission 2024-09-28 01:17:03
File details

Field | Value |
---|---|
File type | PE32+ executable (GUI) x86-64, for MS Windows |
MIME type | application/x-dosexec |
File size | 10897.0 KB (11158528 bytes) |
Compile time | 2024-09-08 06:44:29 |
MD5 | 079d166295bafa2ab44902c8bf5ff2a5 |
SHA1 | 46e728a035c3fd9618f823a5d0b525a9aa22e1c1 |
SHA256 | dbe5fb6a6d567628f7982723f21869f68508397ee6926116554aef37789014d8 |
Import hash | 3fac356340f08f787f93cbf317f090cd |
Sections (10) | .text .rdata .data .pdata .00cfg .tls .text0 .text1 .text2 .rsrc |
Directories (3) | import resource tls |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments

Source | Value |
---|---|
VirusTotal | 58/77 (VT report date: 2024-09-17 22:28:23) |
Malware type (2) | trojan, miner |
Threat type (3) | vmprotect, bfkey, privateloader |
URLs, FQDN and IP indicators (1) | |

PE Sections (9 suspicious)
Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
---|---|---|---|---|---|---|
.text | 0x1000 | 0x8136 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.rdata | 0xa000 | 0x1eb8 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.data | 0xc000 | 0xc9e788 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.pdata | 0xcab000 | 0x180 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.00cfg | 0xcac000 | 0x10 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.tls | 0xcad000 | 0x10 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.text0 | 0xcae000 | 0x2a6b38 | 0 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
.text1 | 0xf55000 | 0x58 | 512 | afc4ecd579c5520626a9a01cd8edb28a1fb19ace | 4ac71777059f0f153e826943bbe58c1d | |
.text2 | 0xf56000 | 0xa737e0 | 10958848 | 4bc4ffebd700acd3023f30c6a54ebeb6dd350674 | be4dae63d3be9ff055b373171be851fd | |
.rsrc | 0x19ca000 | 0x304d8 | 198144 | 0df5594b15735ed45f00a72c44e07b3879b8e1be | 20242037f5ee925ec85527c7d26da6d9 | |

PE Resources (3)
Name | Language | Sublanguage | Offset | Size | Data |
---|---|---|---|---|---|
RT_ICON | LANG_ENGLISH | SUBLANG_ENGLISH_US | 0x19f9cf0 | 1128 | |
RT_GROUP_ICON | LANG_ENGLISH | SUBLANG_ENGLISH_US | 0x19fa158 | 132 | |
RT_VERSION | LANG_ENGLISH | SUBLANG_ENGLISH_US | 0x19fa1e0 | 760 | |

Meta infos (9)

Field | Value |
---|---|
LegalCopyright | Copyright 2024 Google LLC. All rights reserved. |
ProductVersion | 128,0,6613,120 |
CompanyName | Google Chrome |
FileTitle | chrome_exe |
FileVersion | 128,0,6613,120 |
FileDescription | Google Chrome |
Translation | 0x0409 0x04e4 |
LegalTrademark | |
ProductName | Google LLC |
Strings analysis - File found

Type | Value |
---|---|
Linker File | ?:.lNk |
Library | MSVCRT.dll |
Library | KERNEL32.dll |
Import functions
Name | Latest seen | MD5 |
---|---|---|
66f904cda3b3f_fusion.exe | 2024-09-29 10:21:06 | 6e1953433d891db10790aafcced19b30 |