343dsxs.exe

First submission: 2024-08-25 20:22:02
Last submission: 2024-09-01 19:38:40

File details

File type: PE32 executable (console) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 413.0 KB (422912 bytes)
Compile time: 2024-07-29 23:10:08
MD5: 7b0a50d5495209fa15500df08a56428f
SHA1: ab792139aaa0344213aa558e53fa056d5923b8f0
SHA256: d7f591f60eea358649cd97b73296b31a682e22fc5784df440026c3086de3d835
Import Hash: 95d4113c25a148a48f2688574ed71076
Sections: 5 (.text, .Bqq, .rdata, .data, .reloc)
Directories: 4 (import, debug, tls, relocation)

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 56/79 VT report date: 2024-08-11 11:36:31
Malware Type: 2 (trojan, pua)
Threat Type: 3 (stealc, zusy, hxdb)

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://185.215.113.117/inc/343dsxs.exe 185.215.113.117 2024-09-01 19:38:42

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x2769f 161792 55f865038fac053328ba7c848daa3c06acaffab5 9aea280dac689de3105e3ff018d5ae30
.Bqq 0x29000 0x8e5 2560 2cf9acad759984b3db1ab8f0018bdf253e6c6039 fb03262d71170c04c1c9f54fd2ec9426
.rdata 0x2a000 0xb872 47616 cb48e41f859ec4fd1d520668da9c2f6bee05fc90 cceb023b8dd321f671fd50627b4a480f
.data 0x36000 0x31f34 200704 0ec709681689f2c6dfb7059a5c1f8733cef4c695 787053e4692d3a3e15ccd2e6147f607a
.reloc 0x68000 0x2334 9216 afdf1f5aed7836c087540901b6a6bb676bb9903c ea6875280dd579413608f95d0407fafa

Packers detected 2

Microsoft Visual C++ 8
VC8 -> Microsoft Corporation

Anti debug functions 6

GetLastError
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
TerminateProcess
UnhandledExceptionFilter

Strings analysis - File found

Library
mscoree.dll
KERNEL32.dll

Import functions

Name Latest seen MD5
4434.exe 2024-09-01 19:36:36 607c413d4698582cc147d0f0d8ce5ef1
300.exe 2024-09-02 00:39:02 4e87a872b6a964e93f3250b027fe7452