Vhpcde.exe

First submission 2024-08-27 17:41:02 Last submission 2024-09-01 19:30:06

File details

File type: PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Mime type: application/x-dosexec
File size: 662.0 KB (677888 bytes)
Compile time: 2058-04-25 02:00:21
MD5: 4ae02ce23e76c0d777a9000222e4336c
SHA1: 4ad1cdcd30abc364dc93e671cec58461c1f7f2c2
SHA256: 87202ddd20d67f566b2e49c98ceea801f58f72e66b47e61f8daf0d70521546f5
Sections 2 .text .rsrc
Directories 1 resource

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 55/79 VT report date: 2024-08-10 16:24:17
Malware Type 1 trojan
Threat Type 3 msil jalapeno barys

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://185.215.113.117/inc/Vhpcde.exe 185.215.113.117 2024-09-01 19:30:07

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x2000 0xa4f6c 675840 e340c71520107598794274d07c068630fb46c0ce 910c0dc81d72e7c2f72df00b45885210
.rsrc 0xa8000 0x55e 1536 83c9b84242bb83d5ff32c9788bb1aeea6f4678e8 ba3ebf07a7c8db12cc00cffdcae9b4b9

PE Resources 2

Name Language Sublanguage Offset Size Data
RT_VERSION LANG_NEUTRAL SUBLANG_NEUTRAL 0xa80a0 724
RT_MANIFEST LANG_NEUTRAL SUBLANG_NEUTRAL 0xa8374 490

Meta infos 12

LegalCopyright:
Assembly Version: 1.0.0.0
InternalName: Fokktu.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 1.0.0.0
FileDescription:
Translation: 0x0000 0x04b0
OriginalFilename: Fokktu.exe

Packers detected 2

Microsoft Visual C++ vx.x DLL
Microsoft Visual C++ v6.0