1388.exe

First submission 2024-09-03 18:05:31

File details

File type: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Mime type: application/x-dosexec
File size: 6.79 KB (6948 bytes)
Compile time: 2020-06-09 02:17:28
MD5: d9f5d8802636874638c47c78685bc0b3
SHA1: 0d7d4ca23316f0bc81a2d3194d9ddfdf759d1b89
SHA256: 724e0e87bcb35b5c955331c7bf57e4d85ddff785e4d876d3e77f22ead70b1438
Sections 9 .text .data .rdata .pdata .xdata .bss .idata .CRT .tls
Directories 2 import tls

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://121.41.54.103/1388.exe VirusTotal Report 121.41.54.103 VirusTotal Report 2024-09-03 18:05:31

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x20f0 8704 4744f3548b1dfd799ac6e663de19a72c0104d0d2 657f6f8593f1a5b291884e2bddcbeffc
.data 0x4000 0x42490 271872 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x47000 0x2d0 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.pdata 0x48000 0x27c 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.xdata 0x49000 0x238 1024 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.bss 0x4a000 0xa30 0 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.idata 0x4b000 0x958 2560 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.CRT 0x4c000 0x68 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e
.tls 0x4d000 0x48 512 da39a3ee5e6b4b0d3255bfef95601890afd80709 d41d8cd98f00b204e9800998ecf8427e