main
First submission 2024-10-18 07:17:03
File details
| File type: | Zip archive data, at least v1.0 to extract |
| Mime type: | application/zip |
| File size: | 21385.71 KB (21898962 bytes) |
| MD5: | 7b99399b62f6c8abbb63e4eb8874b951 |
| SHA1: | f0a2591e4f355d90dc1c1c2304b526ba04149891 |
| SHA256: | c8f4c773ce4f1ac2257120c21e267458fb8b6da122cddee1644495a84443dcda |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 7/77 VT report date: 2024-10-16 17:30:42 |
| Malware Type 1 | trojan |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXps://codeload.github.com/echxanhredteam/8v8XkYkBbX/zip/refs/heads/main  |
codeload.github.com |
2024-10-18 07:17:03 |
Strings analysis - File found
| Executable |
| /x)K%;.sO |
| Database |
| 8=p.DB |
| Library |
| DLLs/libcrypto-3.dll |
| Lib/site-packages/win32/perfmondata.dll |
| DLLs/tcl86t.dll |
| vcruntime140.dll |
| DLLs/tk86t.dll |
| DLLs/sqlite3.dll |
| DLLs/libffi-8.dll |
| VCRUNTIME140_1.dll |
| python311.dll |
Strings analysis - Possible IPs found 3
| 6.0.4.6 |
| 1.5.3.7 |
| 2.4.2.6 |