fbc8ae02cbc93c51831e32d065ec0bb871c08cd9d4d828c5f0fc6c07633098cd | Triage

Submit
Reports

Overview

overview

8

Static

static

fbc8ae02cb...cd.exe

windows7-x64

8

fbc8ae02cb...cd.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

fbc8ae02cbc93c51831e32d065ec0bb871c08cd9d4d828c5f0fc6c07633098cd.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

fbc8ae02cbc93c51831e32d065ec0bb871c08cd9d4d828c5f0fc6c07633098cd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

fbc8ae02cbc93c51831e32d065ec0bb871c08cd9d4d828c5f0fc6c07633098cd
Size

796KB
MD5

ff3569bcce215c51f5651f536cc4af0e
SHA1

3e599df6213683bc78198b7d952d9094d776422b
SHA256

fbc8ae02cbc93c51831e32d065ec0bb871c08cd9d4d828c5f0fc6c07633098cd
SHA512

931a8800010acfd50d170001405d065dc44b1b6def565f6d8d76cfcc19eb4408af787f8315e0a3f1eba98186ea6723dd9d37c6976166f81de38d25c52a334ac2
SSDEEP

12288:MQzKLhn3xsfbIQxyeRBr3DB+N/suavLzok0fgLwVKA4NmnQhvprskaoE6:h4AzzoeRBrIN/slzKfg9A4Nz7r79

Score

N/A

Malware Config

Signatures

Files

fbc8ae02cbc93c51831e32d065ec0bb871c08cd9d4d828c5f0fc6c07633098cd
.exe windows x86

5724af6d452ce1e4df1ccc3827114b8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetLocalTime
HeapSize
VirtualProtect
ReleaseMutex
RemoveDirectoryA
GetFileAttributesA
CreateMailslotA
GetCommandLineA
IsBadWritePtr
GetDriveTypeW
CancelIo
SetLastError
GetLocaleInfoA
WriteFile
DeleteFileA
ResetEvent
GetProcessHeap
CreateDirectoryA
GetStdHandle
GetModuleHandleA
ReadConsoleW

user32

SetFocus
LoadCursorA
PostMessageA
GetCaretPos
DestroyMenu
PeekMessageA
GetWindowLongW
DrawIcon
SetCursor
GetCapture
wsprintfA
DispatchMessageA
GetWindowTextW

filemgmt

DllGetClassObject
DllRegisterServer
DllRegisterServer
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy