%E8%87%AA%E5%8A%A8%E5%8C%96%E6%A3%80%E6%B5%8B.exe

First submission 2024-10-14 18:06:11

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Mime type: application/x-dosexec
File size: 1088.55 KB (1114674 bytes)
Compile time: 2024-10-11 03:17:57
MD5: 141cedacc0b2df238beea63cfef251de
SHA1: 1ed35255142b5309a8fe5b7b65720cded1fbf28e
SHA256: af10c0d7865de221473f646bbd9334d25e9d6d7b4b06cccf68f25032394830ef
Sections: 3 (UPX0, UPX1, .rsrc)
Directories: 2 (import, resource)

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://ttykok.320.io/software/%E8%87%AA%E5%8A%A8%E5%8C%96%E6%B5%8B%E8%AF%95/%E8%87%AA%E5%8A%A8%E5%8C%96%E6%A3%80%E6%B5%8B.exe ttykok.320.io 2024-10-14 18:06:11

PE Sections 2 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
UPX0 0x1000 0x4f2000 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x4f3000 0x2a9000 2786816 5035b8ca17a22ee19ee537a420dfdee81d5fcf4c d4e62c02f6913af51ce6383e3309245c
.rsrc 0x79c000 0x8000 29184 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e

Strings analysis - File found

Text
5 ,usb.txt
Library
LPAPI.DLL
SETUPAPI.dll