fc65bff5b342725f9039ce10e27b10ed3a703cae7cd6f59993a33699e6d7844c | Triage

Submit
Reports

Overview

overview

8

Static

static

fc65bff5b3...4c.exe

windows7-x64

8

fc65bff5b3...4c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fc65bff5b342725f9039ce10e27b10ed3a703cae7cd6f59993a33699e6d7844c.exe

Resource

win7-20221111-en

discovery persistence spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc65bff5b342725f9039ce10e27b10ed3a703cae7cd6f59993a33699e6d7844c.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

fc65bff5b342725f9039ce10e27b10ed3a703cae7cd6f59993a33699e6d7844c
Size

820KB
MD5

f5c5b39500f6d39850c97de757777498
SHA1

bfa62d9ded98f9d1c437512f79eb144ff5ec9874
SHA256

fc65bff5b342725f9039ce10e27b10ed3a703cae7cd6f59993a33699e6d7844c
SHA512

3cd4be79d6fd509f62bb59284cbb050e0be0f1dd7d372586fa25f41552b514cf7e3482192635678cbc27eda95160a6a5c229258c0035be3a29611551d51ae73c
SSDEEP

24576:nl/zbRMPBD/ckAJeUOw1U5z9zTGYgAwE+lqjTkgBYDTM2:nl/zbRMPd/cZJeUOw1U5z9/HgAwRgBWx

Score

N/A

Malware Config

Signatures

Files

fc65bff5b342725f9039ce10e27b10ed3a703cae7cd6f59993a33699e6d7844c
.exe windows x86

21af314c0488f269e54c668a11babca4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LoadLibraryW
GetCommandLineW
CloseHandle
GetPrivateProfileIntA
CreateMutexW
GetEnvironmentVariableA
WriteFile
SuspendThread
InterlockedExchange
LocalFree
LocalSize
FreeConsole
GlobalFree
ReleaseMutex
ResetEvent
VirtualAllocEx
GetStdHandle
GetSystemInfo
CreateEventW

advapi32

IsValidSecurityDescriptor
RegCreateKeyExW
RegEnumKeyA
ClearEventLogW
CloseEventLog
RegCloseKey
InitializeSid
IsValidSid
CreateServiceW
ControlService
RegDeleteValueA
RegQueryValueW
IsTextUnicode
InitializeSid

fwcfg

InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 809KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy