Gosu_beta.zip?ex=670ceb24&is=670b99a4&hm=6036d405fae7de4c29fb495c5ceee7e5f859922e92b02a7dc49621afed0deeb4&

First submission 2024-10-13 17:28:02

File details

File type: Zip archive data, at least v2.0 to extract
Mime type: application/zip
File size: 1644.29 KB (1683756 bytes)
MD5: 23f0e23b40b6f60b573a4536a8c0f161
SHA1: 97ef4c518ac72dd3cdc3d39afc9cff58efc72e33
SHA256: 181066330c46393fb0ae51c3bc450ea73a376d133570d778c94f36dca890a964

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 38/78
VT report date: 2024-06-23 20:29:16
Malware Type (3): hacktool, trojan, pua
Threat Type (3): barys, kerneldrutil, r002c0pep24

URLs, FQDN and IP indicators (1)

URL: hXXps://cdn.discordapp.com/attachments/1209563106120831029/1241691305445163099/Gosu_beta.zip?ex=670ceb24&is=670b99a4&hm=6036d405fae7de4c29fb495c5ceee7e5f859922e92b02a7dc49621afed0deeb4&
Host (FQDN/IP): cdn.discordapp.com
Date Added: 2024-10-13 17:28:02

Strings analysis - File found

Library
resources/main.dll
resources/drv64.dll
resources/overlay.dll