fdfb5f3193ac8d248cf2f18df8b29a6e614f3a471b208f75e5a9ec1950d62b84 | Triage

Submit
Reports

Overview

overview

8

Static

static

fdfb5f3193...84.exe

windows7-x64

8

fdfb5f3193...84.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fdfb5f3193ac8d248cf2f18df8b29a6e614f3a471b208f75e5a9ec1950d62b84.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

fdfb5f3193ac8d248cf2f18df8b29a6e614f3a471b208f75e5a9ec1950d62b84.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

fdfb5f3193ac8d248cf2f18df8b29a6e614f3a471b208f75e5a9ec1950d62b84
Size

804KB
MD5

7acae3e24836c57859f755d1d67ed0d0
SHA1

60fe60639001341a4b11b8e6ddb2ec6cf7ba7baf
SHA256

fdfb5f3193ac8d248cf2f18df8b29a6e614f3a471b208f75e5a9ec1950d62b84
SHA512

df443e3b97bf784f50e691d8d286ed81005325abdd42a9bf4ff4f7bd62abdca12ea2834839629410dc287451aebda29ed11e7f4ae0dbf09cb325e0c04f03a16e
SSDEEP

12288:2BEeJjBpeW5wkCMNYyioXDSs7g/z3AVzRx/w0DMZDUxduuhTbbEBp59N:ilpRCMCyioXDSLTAVV3Mpe/CV

Score

N/A

Malware Config

Signatures

Files

fdfb5f3193ac8d248cf2f18df8b29a6e614f3a471b208f75e5a9ec1950d62b84
.exe windows x86

c4ddd02c6fb2e6f7f5eb35200b420cec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFilePointer
GetTickCount
CreateDirectoryA
DeleteFileW
GetFileAttributesW
IsValidLocale
GetModuleFileNameA
LeaveCriticalSection
OpenMutexW
InterlockedExchange
GlobalFlags
SetFileTime
lstrlenA
CreateFileW
HeapDestroy
GetModuleHandleA
GetDriveTypeW
GetCurrentThreadId
CreateFileW
VirtualProtectEx
PulseEvent
AddAtomA
DeleteFileW
GetVolumePathNameA
OpenEventW

user32

DestroyMenu
GetWindowLongA
DestroyIcon
LoadCursorA
GetWindowLongA
wsprintfA
PeekMessageA
GetWindowTextA
DispatchMessageA
SetRect
MessageBoxA
SetFocus
IsMenu

dmdskmgr

?namecmp@@YGHPBG0@Z
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy