win.exe

First submission 2024-02-04 18:38:32

File details

File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Mime type: application/x-dosexec
File size: 772.06 KB (790593 bytes)
Compile time: 1970-01-01 01:00:00
MD5: cbe8b896cb039a26ba96363d51b63979
SHA1: f46de631db74b8e1d47ae2f652ba05b0f1fbad7a
SHA256: b8424f5939bdc535243e817192ace9e97c680e3f396ff0220a577d83cc2921e3
Sections 6 .text .rdata .data .idata .reloc .symtab
Directories 2 import relocation
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://175.24.197.196/win.exe VirusTotal Report 175.24.197.196 VirusTotal Report 2024-02-04 18:38:32

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x29ae9c 2732032 dbdd20812c94b4cd06067746b54e30a743354d95 cdaa9561437cd6d561687ec394e69f43
.rdata 0x29c000 0x2626f0 2500608 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.data 0x4ff000 0x332ec8 3166208 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.idata 0x832000 0x3dc 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.reloc 0x833000 0x1dd3c 122368 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.symtab 0x851000 0x4 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e