build.exe
First submission 2022-08-02 21:12:15
File details
| File type: | PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows |
| File type: | 33452.5 KB (34255360 bytes) |
| Compile time: | 2022-08-01 11:16:28 |
| MD5: | 6502f1d91e568b08122338d4bc9f15d0 |
| SHA1: | fae712e6509941123c6007594e192eb9e9066cf1 |
| SHA256: | 656e31365da959aac67f8fe882d402942f921300d2713370657ba625c216686a |
| Sections 2 | .text��� .rsrc��� |
| Directories 1 | resource |
| Virus Total: | 18/71 VT report date: 2022-08-01 13:38:29 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://94.23.190.57/build.exe  |
94.23.190.57 |
2022-08-02 21:12:15 |
PE Sections 1 suspicious
| Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
|---|---|---|---|---|---|---|
| .text��� | 0x2000 | 0x20aa840 | 34253312 | 5c34b925a5d882bfb4f74db7236b76914f3e3d79 | 2962190ea88eafbe50eaf0d56988193e | |
| .rsrc��� | 0x20ae000 | 0x480 | 1536 | c12a3db5c1d9b655a28c5cd2ff8ebb4d77565d91 | f11a4867f13b0357432f8fd841d1f890 |
PE Resources 2
| Name | Language | Sublanguage | Offset | Size | Data |
|---|---|---|---|---|---|
| RT_VERSION | LANG_NEUTRAL | SUBLANG_NEUTRAL | 0x20ae0a0 | 572 | |
| RT_MANIFEST | LANG_NEUTRAL | SUBLANG_NEUTRAL | 0x20ae2e0 | 410 |
Meta infos 8
| FileDescription: | |
| LegalCopyright: | |
| Assembly Version: | 0.0.0.0 |
| Translation: | 0x0000 0x04b0 |
| InternalName: | build.exe |
| FileVersion: | 0.0.0.0 |
| OriginalFilename: | build.exe |
| ProductVersion: | 0.0.0.0 |
Packers detected 2
| Microsoft Visual C++ vx.x DLL |
| Microsoft Visual C++ v6.0 |
Strings analysis - File found
| Database |
| =D.dB |
| Executable |
| K#.sO |
| |xb.sO |
| #.so |