hunta.exe

First submission 2024-02-10 13:41:02

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 2317.5 KB (2373120 bytes)
Compile time: 2024-02-09 08:51:44
MD5: 48bd66cb49e7451cbdb078e2698a1290
SHA1: 2a2efd6832e38c8ca141e6b45d2b75144d48a74e
SHA256: c00fb5f31089eb1a997b7a0bbf2cd9c520b2abba86d19026ea40237d99c53cc2
Import Hash: 2eabe9054cad5152567f0699947a2c5b
Sections: 7 (.rsrc, .idata, rxvctknn, sjkouduc, .taggant)
Directories: 3 (import, resource, relocation)
File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://109.107.182.40/dalas/hunta.exe 109.107.182.40 2024-02-10 13:41:02

PE Sections 6 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
(unnamed) 0x1000 0x136000 585216 989eb1ddb6ce88afc92cf81c1d24a4b9994040d2 e0689db77c87f484eb2085b1c4faaf08
.rsrc 0x137000 0x110a0 8192 8d11fa0e89e8bbadc5b3229a0ca189848b921f58 82485476c42846bbadb14862a2b4ee39
.idata 0x149000 0x1000 512 5e2665ef83d53c2c9333b29ae262182f2c55c30c 588e00183b8b4dbb8c7106492f04143d
(unnamed) 0x14a000 0x2b9000 512 77ffb57994b594a0b315544cddf88a7119aba4db 79237a4dd8f1757f0b435861400b096b
rxvctknn 0x403000 0x1af000 1764864 472215a4a83a22e22a372f1fcff1d31203a50063 852098b994b96a3b1354e44ea3c124bc
sjkouduc 0x5b2000 0x1000 1024 ae92b7523115aa9b63a28135c0b7053a8cb5f847 5cfe6231d7ca1f3b7c9507acd3fb5f62
.taggant 0x5b3000 0x3000 8704 c5f8790c99d156892be881df3cac36713234c502 66129c0fa4a68200dfe5a28472252898

PE Resources 4

Name Language Sublanguage Offset Size Data
RT_ICON LANG_RUSSIAN SUBLANG_RUSSIAN 0x5a0db0 67624
RT_GROUP_ICON LANG_RUSSIAN SUBLANG_RUSSIAN 0x5b15d8 20
RT_VERSION LANG_RUSSIAN SUBLANG_RUSSIAN 0x5b15ec 692
RT_MANIFEST LANG_ENGLISH SUBLANG_ENGLISH_US 0x5b1b86 381

Meta infos 9

LegalCopyright: (c) 1999-2022 Jonathan Bennett
InternalName: Ay3Info.exe
FileVersion: 3.3.16.1
CompanyName: Au3
ProductVersion: 3.3.16.1
FileDescription: Ay3Info
Translation: 0x0409 0x04b0
OriginalFilename: Ay3Info.exe
ProductName: Ay3Info

Strings analysis - File found

Library
KERNEL32.dll

Strings analysis - Possible IPs found 1

3.3.16.1

Import functions

Name Latest seen MD5
dota.exe 2024-02-06 05:06:03 9e4d39ed30534cc58a95507c99370a47
amert.exe 2024-02-06 06:41:03 a3cd3871ba24037d9aba6b0b053cf34a
rega.exe 2024-02-07 02:02:02 43836f75d5662bc72af946abefe786ce
bucha.exe 2024-02-08 03:22:04 3e9650a7b961e437db222dfb746e2be9
ladas.exe 2024-02-08 07:03:03 2fae8d32357ed07bf6a6b216f376f867
hunta.exe 2024-02-09 12:02:02 094c7deac7308ea0c8e656efae033a64
micro.exe 2024-02-10 15:22:02 bfcbce795272ae853a343628bd213390
loster.exe 2024-02-11 00:01:02 62888e93e8a9b835451bd3371d4b5218