GotoHTTP.exe

First submission 2024-07-08 19:01:39

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 159.95 KB (163792 bytes)
Compile time: 2024-05-11 03:53:45
MD5: 7e175ef621f1cba35576c2d6b5f5b41a
SHA1: 78e277ba944cd96d8c2c02de687d742946076e7b
SHA256: ac31065d55ca54f24af5a299d4a70068634be9861e48713e39cafa8fff4016f9
Sections 6 .text .rodata .rdata .data .rsrc .reloc
Directories 4 import resource relocation security

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://111.230.72.242/GotoHTTP.exe VirusTotal Report 111.230.72.242 VirusTotal Report 2024-07-08 19:01:39

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x20d131 2150912 b2c41dded7663f9ff7ecba1658ddc2060d3b3257 166d9a108d138845cf849b3096ec796b
.rodata 0x20f000 0x18 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x210000 0x84658 542720 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.data 0x295000 0xa8d8 29184 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x2a0000 0x6cc4 28160 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.reloc 0x2a7000 0x11b54 72704 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e

File signature

MD5 SHA1 Block size Virtual Address
d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 10664 2825216