beacon.exe

First submission 2024-07-08 18:59:31

File details

File type: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Mime type: application/x-dosexec
File size: 273.02 KB (279576 bytes)
Compile time: 1970-01-01 01:00:00
MD5: ca94bf149ad7eb0cc0bf2886b224ebb8
SHA1: 9c17dd07577281da2693aae6637c444f97888ce1
SHA256: de41bd9e84461b342297ccc07f29a0c6a3b03a73bb4e3fd0a64ec4b1e3773f6f
Sections: 9 (.text .data .rdata .pdata .xdata .bss .idata .CRT .tls)
Directories: 2 (import, tls)

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://111.230.72.242/beacon.exe 111.230.72.242 2024-07-08 18:59:31

PE Sections 2 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x20a8 8704 6254b40d719e0dd4f5dbfd4b90b268c71a3d5286 1513cea3b55a23262d34d017cb59c1da
.data 0x4000 0x43cf0 278016 767b39d897a43e8cd81a4266d7ba7e12c16f96b8 7e46626149799822be2c4e04bc896c4e
.rdata 0x48000 0x910 2560 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.pdata 0x49000 0x2b8 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.xdata 0x4a000 0x238 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.bss 0x4b000 0x9d0 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.idata 0x4c000 0x8d8 2560 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.CRT 0x4d000 0x68 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.tls 0x4e000 0x10 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e

Packers detected 1

Microsoft Visual C++ 8.0 (DLL)