recode.tan.dll?ex=670e3469&is=670ce2e9&hm=ada9c9dc52cc9050993ca6f0cc972c3588be54544014547a068fca81210c758b&

First submission 2024-10-14 16:34:02

File details

File type: PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Mime type: application/x-dosexec
File size: 938.5 KB (961024 bytes)
Compile time: 2024-10-14 10:01:21
MD5: b09aa41de19d13984155962acba42ac0
SHA1: 8756683dc95959bb62e2cb785eb2342d18dd9199
SHA256: accda98b5cceddf5dcc0f3335432680888c7d3ad682f303e41ea0ef38bd7ca55
Sections: 4 (.text, .data, .pdata, .reloc)
Directories: 2 (debug, relocation)

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

URLs, FQDN and IP indicators 1

URL: hXXps://cdn.discordapp.com/attachments/1242483488079478935/1295315871454986253/recode.tan.dll?ex=670e3469&is=670ce2e9&hm=ada9c9dc52cc9050993ca6f0cc972c3588be54544014547a068fca81210c758b&
Host (FQDN/IP): cdn.discordapp.com
Date Added: 2024-10-14 16:34:02

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0xbe201 779264 7b1db82c337571c9e3dc9ec43f8b6d18d7165910 7ea383dba208696ab6cb681a0df57bf4
.data 0xc0000 0x2ecb0 152576 86fd2b2a68ab01a6c894d6ca79b67216de1cb003 fa229f6ea87a4b51a6e93e1357e8e101
.pdata 0xef000 0x6978 27136 a298c322920594280223a85035a352759233b205 78b801bca46b286718de5094c26a1d92
.reloc 0xf6000 0x3e0 1024 77ac59741f0ce794aeb19afbbc116d0002c1f182 da861267fd1f1797553eec2d6dd07a4d

Packers detected 1

Microsoft Visual C++ 8.0 (DLL)