Atte.exe

First submission 2024-07-08 09:43:02 Last sumbission 2024-07-08 09:44:01

File details

File type: PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Mime type: application/x-dosexec
File size: 25.0 KB (25600 bytes)
Compile time: 2052-01-29 19:56:31
MD5: b854f7f4b478960929e8c2ae1bd7f661
SHA1: 110697c7bbaabff1b8cdc2308b5de2e17912faad
SHA256: e53730ae2df93f79892cf600bd43dbc822a2ac600553d9010f4f2021b71f987e
Sections 2 .text .rsrc
Directories 2 resource debug

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 45/78 VT report date: 2024-07-08 09:19:43
Malware Type 1 trojan
Threat Type 3 androm msil botx

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://voucher-01-static.com/kvro/Atte.exe VirusTotal Report voucher-01-static.com VirusTotal Report 2024-07-08 09:43:02

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x2000 0x56cc 22528 69a5729f79867d8638f6ef7e1bca6d458c691e7e 3eed2346390c04dbcc4146144bb3378e
.rsrc 0x8000 0x9d8 2560 291ef2058d90a769771208592255952a43bd56f0 ede0e93e223ffe90336554e393f69348

PE Resources 4

Name Language Sublanguage Offset Size Data
RT_ICON LANG_NEUTRAL SUBLANG_NEUTRAL 0x8100 1128
RT_GROUP_ICON LANG_NEUTRAL SUBLANG_NEUTRAL 0x8578 20
RT_VERSION LANG_NEUTRAL SUBLANG_NEUTRAL 0x859c 572
RT_MANIFEST LANG_NEUTRAL SUBLANG_NEUTRAL 0x87e8 490

Meta infos 8

LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: Atte.exe
FileVersion: 0.0.0.0
FileDescription:
Translation: 0x0000 0x04b0
OriginalFilename: Atte.exe
ProductVersion: 0.0.0.0

Packers detected 2

Microsoft Visual C++ vx.x DLL
Microsoft Visual C++ v6.0

Strings analysis - File found

Text
http://voucher-01-static.com/kvro/1284.txt

Strings analysis - Possible URLs found 1

http://voucher-01-static.com/kvro/1284.txt