Vhpcde.exe
First submission 2024-08-27 17:41:02
Last sumbission 2024-09-01 19:30:06
File details
File type: | PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows |
Mime type: | application/x-dosexec |
File size: | 662.0 KB (677888 bytes) |
Compile time: | 2058-04-25 02:00:21 |
MD5: | 4ae02ce23e76c0d777a9000222e4336c |
SHA1: | 4ad1cdcd30abc364dc93e671cec58461c1f7f2c2 |
SHA256: | 87202ddd20d67f566b2e49c98ceea801f58f72e66b47e61f8daf0d70521546f5 |
Sections 2 | .text .rsrc |
Directories 1 | resource |
File features detected
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 55/79 VT report date: 2024-08-10 16:24:17 |
Malware Type 1 | trojan |
Threat Type 3 | msil jalapeno barys |
URLs, FQDN and IP indicators 1
PE Sections 1 suspicious
Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
---|---|---|---|---|---|---|
.text | 0x2000 | 0xa4f6c | 675840 | e340c71520107598794274d07c068630fb46c0ce | 910c0dc81d72e7c2f72df00b45885210 | |
.rsrc | 0xa8000 | 0x55e | 1536 | 83c9b84242bb83d5ff32c9788bb1aeea6f4678e8 | ba3ebf07a7c8db12cc00cffdcae9b4b9 |
PE Resources 2
Name | Language | Sublanguage | Offset | Size | Data |
---|---|---|---|---|---|
RT_VERSION | LANG_NEUTRAL | SUBLANG_NEUTRAL | 0xa80a0 | 724 | |
RT_MANIFEST | LANG_NEUTRAL | SUBLANG_NEUTRAL | 0xa8374 | 490 |
Meta infos 12
LegalCopyright: | |
Assembly Version: | 1.0.0.0 |
InternalName: | Fokktu.exe |
FileVersion: | 1.0.0.0 |
CompanyName: | |
LegalTrademarks: | |
Comments: | |
ProductName: | |
ProductVersion: | 1.0.0.0 |
FileDescription: | |
Translation: | 0x0000 0x04b0 |
OriginalFilename: | Fokktu.exe |
Packers detected 2
Microsoft Visual C++ vx.x DLL |
Microsoft Visual C++ v6.0 |