RUN.exe

First submission 2024-02-07 22:22:03

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 40.0 KB (40960 bytes)
Compile time: 2024-02-07 20:53:11
MD5: 1b8ceba270bcec714babe5a0862ef028
SHA1: acdc21926f5a8ae73a01fa2065d39cc380f9705e
SHA256: 3c38a9a5311b54cc70a2fa2c8ce11b9b0e539a4af490521eaaa174fb928a4095
Import Hash : 75f5fb4f557e495942156692dd4b4940
Sections 3 .text .data .rsrc
Directories 2 import resource
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://193.233.132.186/RUN.exe VirusTotal Report 193.233.132.186 VirusTotal Report 2024-02-07 22:22:03

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x4190 20480 3f5fb1308e6e9533a3c9fbefe99810deb2e6641d 7926cda9426f7507460a0b0295cee6d3
.data 0x6000 0xb08 4096 1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x7000 0x2b34 12288 0edaf5f60ac877a06742e1154ea1f4d410a10e7e fbf768a03b504bed2c23e77575cd50c3

PE Resources 3

Name Language Sublanguage Offset Size Data
RT_ICON LANG_NEUTRAL SUBLANG_NEUTRAL 0x7404 3752
RT_GROUP_ICON LANG_NEUTRAL SUBLANG_NEUTRAL 0x73a8 92
RT_VERSION LANG_ENGLISH SUBLANG_ENGLISH_US 0x71e0 456

Meta infos 6

InternalName: RUN
ProductVersion: 1.00
Translation: 0x0409 0x04b0
ProductName: \x41f\x440\x43e\x435\x43a\x4421
OriginalFilename: RUN.exe
FileVersion: 1.00

Packers detected 2

Microsoft Visual Basic v5.0 - v6.0
Microsoft Visual Basic v5.0

Strings analysis - File found

Autogen
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Library
VBA6.DLL
MSVBVM60.DLL

Import functions