FAC40C4A1764D50E1AE905029830E056[.]fil | Triage

Submit
Reports

Overview

overview

9

Static

static

FAC40C4A17...56.exe

windows7-x64

9

FAC40C4A17...56.exe

windows10-2004-x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

FAC40C4A1764D50E1AE905029830E056.exe

Resource

win7-20220718-en

discovery evasion spyware stealer themida trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

FAC40C4A1764D50E1AE905029830E056.exe

Resource

win10v2004-20220722-en

discovery evasion spyware stealer themida trojan

windows10-2004-x64

17 signatures

150 seconds

General

Target

FAC40C4A1764D50E1AE905029830E056.fil
Size

2.8MB
MD5

fac40c4a1764d50e1ae905029830e056
SHA1

6ea7a9e9e5fac4e480b4f03b8f37e55f1e6ba1cd
SHA256

4770daf7e7f55d16eee05512eb2c75df6f5df6e3a0f97858580a9d6ddfe012ad
SHA512

d4474dcb9de810f92c9d775efb7e6ffb7e4ec37757e6a6b9b0276ee04c311799cdb021f1b404440943f4ae4785d5a5d6def0d830017519939bcc458810a1149d
SSDEEP

49152:fhsZKwnCZnHX9a6UR46MmgD06UXJoc17KX3wyPT6dFAdctiIxXNdLv:fhs0zZt4C6MvD0jXJE+d1

Score

N/A

Malware Config

Signatures

Files

FAC40C4A1764D50E1AE905029830E056.fil
.exe windows x86

987c43f016f72e406f2fdce75bf0e9b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset

kernel32

CloseHandle

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 790KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 479KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy