build.exe

First submission 2022-08-02 21:12:15

File details

File type: PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
File size: 33452.5 KB (34255360 bytes)
Compile time: 2022-08-01 11:16:28
MD5: 6502f1d91e568b08122338d4bc9f15d0
SHA1: fae712e6509941123c6007594e192eb9e9066cf1
SHA256: 656e31365da959aac67f8fe882d402942f921300d2713370657ba625c216686a
Sections: 2 (.text, .rsrc)
Directories: 1 (resource)
VirusTotal: 18/71 (VT report date: 2022-08-01 13:38:29)

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://94.23.190.57/build.exe 94.23.190.57 2022-08-02 21:12:15

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x2000 0x20aa840 34253312 5c34b925a5d882bfb4f74db7236b76914f3e3d79 2962190ea88eafbe50eaf0d56988193e
.rsrc 0x20ae000 0x480 1536 c12a3db5c1d9b655a28c5cd2ff8ebb4d77565d91 f11a4867f13b0357432f8fd841d1f890

PE Resources 2

Name Language Sublanguage Offset Size Data
RT_VERSION LANG_NEUTRAL SUBLANG_NEUTRAL 0x20ae0a0 572
RT_MANIFEST LANG_NEUTRAL SUBLANG_NEUTRAL 0x20ae2e0 410

Meta infos 8

FileDescription:
LegalCopyright:
Assembly Version: 0.0.0.0
Translation: 0x0000 0x04b0
InternalName: build.exe
FileVersion: 0.0.0.0
OriginalFilename: build.exe
ProductVersion: 0.0.0.0

Packers detected 2

Microsoft Visual C++ vx.x DLL
Microsoft Visual C++ v6.0

Strings analysis - File found

Database
=D.dB
Executable
K#.sO
|xb.sO
#.so