fbe3ab20f4764b39a62978dc09f4019451532c3356b56e4f1010c577d71b7f70 | Triage

Submit
Reports

Overview

overview

8

Static

static

fbe3ab20f4...70.exe

windows7-x64

8

fbe3ab20f4...70.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fbe3ab20f4764b39a62978dc09f4019451532c3356b56e4f1010c577d71b7f70.exe

Resource

win7-20220812-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

fbe3ab20f4764b39a62978dc09f4019451532c3356b56e4f1010c577d71b7f70.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

11 signatures

150 seconds

General

Target

fbe3ab20f4764b39a62978dc09f4019451532c3356b56e4f1010c577d71b7f70
Size

227KB
MD5

c1bb74efebcb9c82c95eb23d522e19e2
SHA1

9031b048f0ea3e379dc911f6c156b17dc31d8b22
SHA256

fbe3ab20f4764b39a62978dc09f4019451532c3356b56e4f1010c577d71b7f70
SHA512

bc0393f3e881254b239afeb2de9759c1f075ca129e14157a704ec66e9f4c9f80481b2ee55f0bb214084758c5aa34fd283f342b870d949dcc8f7d1914f357cda0
SSDEEP

6144:jVSmPyOBzH+fAAuHL/EHpvA+KPgX2+xxZJndQbMdwA/JX5r:JzefATL/6pfxhZJnCb0N9

Score

N/A

Malware Config

Signatures

Files

fbe3ab20f4764b39a62978dc09f4019451532c3356b56e4f1010c577d71b7f70
.exe windows x86

b7bcfe6e791a75e1b11a01b4f30a902b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentThreadId
lstrlenA
WaitForSingleObject
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
lstrcmpA
GetTempPathA
FindAtomA
ExitProcess
lstrcpyA
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualQueryEx
GetModuleHandleA
GetThreadContext
CreateProcessA
GlobalFree
TerminateProcess
ResumeThread
VirtualFree
OpenProcess
VirtualAlloc
lstrcatA

user32

SetThreadDesktop
GetThreadDesktop
GetCursorPos
wsprintfA
OpenInputDesktop
GetFocus
FindWindowA
GetWindowThreadProcessId
IsWindowVisible
ClientToScreen
EqualRect
CloseDesktop
InflateRect

shell32

ShellExecuteA

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA
OpenProcessToken

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy