stale.exe

First submission 2024-02-04 13:14:03

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 13337.0 KB (13657088 bytes)
Compile time: 2024-02-02 19:53:15
MD5: 084222b639a1b3f35be40ca5282a6e0a
SHA1: bf246f61d7d62133efe5401388cf6168b4191b20
SHA256: a9a4d321d6ccfe6ba9e0f870fb1bf590535c6e10a091805020930dce46e116b7
Import Hash: bff37c7a49190d2c339ddd01860611a0
Sections 9 .text .rdata .data .00cfg .tls dgfbfgd0 dgfbfgd1 dgfbfgd2 .reloc
Directories 3 import tls relocation

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXps://brazilanimalshelp.com/updating/stale.exe brazilanimalshelp.com 2024-02-04 13:14:03

PE Sections 8 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x1f102c 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x1f3000 0x11b90 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.data 0x205000 0x1d090 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.00cfg 0x223000 0x8 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.tls 0x224000 0x3be9 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
dgfbfgd0 0x228000 0x75848d 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
dgfbfgd1 0x981000 0x40a0 16896 608a122ef23875f39ee349c043b5cbf058eed688 8e92bd1471a53fb79346d5568d142f05
dgfbfgd2 0x986000 0xd01590 13637120 5161f966971d6deb903d448f635a0653a947705d c466b76f40ad117272da7d164bb18549
.reloc 0x1688000 0x7ec 2048 e458b768d361e6ffd43a81b0c57e941c272a6aa4 5d115ef5b0bb9b657ac164c67057131b

Strings analysis - File found

Library
KERNEL32.dll

Import functions