build.exe

First submission 2024-02-07 23:42:05

File details

File type: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Mime type: application/x-dosexec
File size: 10939.0 KB (11201536 bytes)
Compile time: 2024-02-07 19:15:46
MD5: 7487e2be7384a10f23c704635ab76b23
SHA1: b54fbde1342c7e3b5df9a4acc2a8d4a9b17a4e7f
SHA256: a4ffd596dcb461d4fe2020b2d41e2dd7e210cc832afdba56e72f433a8296e466
Import Hash: a7b0793ae6dd3f16ef244d19e4de0c24
Sections: 12 (.text .data .rdata .eh_fram .pdata .xdata .bss .idata .CRT .tls .rsrc .reloc)
Directories: 4 (import resource tls relocation)
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXps://transfer.adttemp.com.br/get/9X0vo/build.exe transfer.adttemp.com.br 2024-02-07 23:42:05

PE Sections 3 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x1aa28 109568 585d53c2fcc0c84bb22d58b74f58f688bc2684b2 4bc811943c715ccb8fd3f943e5d01976
.data 0x1c000 0x110 512 3be32de11ba5239b406f2fe06059dfb1c1e3236d 81445842aa386d24104f739836defa0f
.rdata 0x1d000 0x2b30 11264 f68e1957dbaf1c0dbd6ece0567d41e149985d69c d64dcdeb7fe35c68c10f4dc07a63ace2
.eh_fram 0x20000 0x4 512 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5 bf619eac0cdf3f68d496ea9344137e8b
.pdata 0x21000 0x828 2560 94e364e1a3b59534804af80e85a26e1397777e77 c7e8e24756842ae0c1e7d1223d7393ff
.xdata 0x22000 0x9f8 2560 a62857439728271dbe580fbffb2a19e2671eeacd 67bb7aabcc399ab4610a99c40553d7fd
.bss 0x23000 0xfc70 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.idata 0x33000 0xdbc 3584 2a427e8e23c497d66df536a7e7d509eeb58e61b7 56f6e4909367bbba1f3f5df3d0ba7a83
.CRT 0x34000 0x60 512 ac740fccbdca7a566fae3ca0859631ff33f6588b 2e6ad5738ce7ff128901b69f0da5b38a
.tls 0x35000 0x10 512 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5 bf619eac0cdf3f68d496ea9344137e8b
.rsrc 0x36000 0xa8e2a0 11068416 8e00db79513bb1ecc941169692c8ef23ed56c4b7 18d6c478a02014260e6b9ec65da670d0
.reloc 0xac5000 0x94 512 823bd18b2ac229ce510006442879eb205c2ff5f7 46155d2764f1a1eca765777cbce8bb35

PE Resources 2

Name Language Sublanguage Offset Size Data
RT_RCDATA LANG_NEUTRAL SUBLANG_NEUTRAL 0x360a0 11067072