DigitalSide Threat Intel

recode.tan.dll?ex=670c83cc&is=670b324c&hm=d12b504ebf18a42fc32731e0b36b919410aa6f4229a0d7ac79b762f2d59bc1a2&

First submission 2024-10-13 18:29:02 Last sumbission 2024-10-13 19:27:02

File details

File type: PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Mime type: application/x-dosexec
File size: 913.5 KB (935424 bytes)
Compile time: 2024-10-13 04:32:55
MD5: 5d33576f92b01bba10cc31f5f7791c1f
SHA1: 20108480844bb73868b2d596d895883bd8582bb4
SHA256: bb1c2f7c84b51da2591139c1ee030898faf37ed3a3fca956f89782fbf4a2857d
Sections 4 .text .data .pdata .reloc
Directories 2 debug relocation

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 5/77 VT report date: 2024-10-13 17:05:29

URLs, FQDN and IP indicators 2

URL Host (FQDN/IP) Date Added
hXXps://cdn.discordapp.com/attachments/1242908028521549954/1294851357739712586/recode.tan.dll?ex=670c83cc&is=670b324c&hm=d12b504ebf18a42fc32731e0b36b919410aa6f4229a0d7ac79b762f2d59bc1a2& VirusTotal Report cdn.discordapp.com VirusTotal Report 2024-10-13 19:27:05
hXXps://cdn.discordapp.com/attachments/1242908028521549954/1294917783271768117/recode.tan.dll?ex=670cc1a9&is=670b7029&hm=23fcd016796fba297269b86ac9053bba9488f20d0701860566713ad45fc560b3& VirusTotal Report cdn.discordapp.com VirusTotal Report 2024-10-13 18:29:02

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0xb90f1 758272 facf2a6823134cc811dd3628af4cb6d916386f27 70a4277f3cba9d5e369b44a72cc00353
.data 0xbb000 0x2dd80 148480 f69a504e9061de31534d594a03288045c046ced0 3b8073243e45930afc34c0356219702f
.pdata 0xe9000 0x67bc 26624 5ac504bda4097a1e86a7b82893e8cb4171881a7f 6ba9ffd12d1418586cee941dbc570967
.reloc 0xf0000 0x3c4 1024 a5b2e6f9d40e429c2624c8078fd8a4f14fc12dc9 d1e8931cfad15b18c5473af34e74c1bd

Packers detected 1

Microsoft Visual C++ 8.0 (DLL)