fb43774681f860068346d506e1622251102b75dba10fdd72ef64e50d1c272b64 | Triage

Submit
Reports

Overview

overview

Static

static

fb43774681...64.exe

windows7-x64

fb43774681...64.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

fb43774681f860068346d506e1622251102b75dba10fdd72ef64e50d1c272b64.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

fb43774681f860068346d506e1622251102b75dba10fdd72ef64e50d1c272b64.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

fb43774681f860068346d506e1622251102b75dba10fdd72ef64e50d1c272b64
Size

485KB
MD5

7a60588d49207052c8c485c30d98bbc5
SHA1

1994b985f64e72479031fc0712703c99bf50c95d
SHA256

fb43774681f860068346d506e1622251102b75dba10fdd72ef64e50d1c272b64
SHA512

9aaf504c0888ee82c3a85f9a4ee1816cf9452ccd8f3875aabebfbf606d3c538b0f2e8cc75cdd5a610a0b57832c95188c2192248ec494670715e0f0b42918caa4
SSDEEP

6144:WuAhZBMmDm73Sf5wvcYm2sQ2xKYvjdBEHMm7DOe9HRGR4EFktwOmCJEuGG0:WumMmb5wh1sQE9jjE6JeEkWG

Score

N/A

Malware Config

Signatures

Files

fb43774681f860068346d506e1622251102b75dba10fdd72ef64e50d1c272b64
.exe windows x86

4c173eb6a4f6019066d44383079a46f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
ReadFile
GetPriorityClass
CloseHandle
GetProcessTimes
GetStartupInfoA
GetModuleHandleA
HeapDestroy
FindAtomA
GetCurrentThreadId
CreateMailslotA
GetCurrentProcessId
GetStdHandle
GetEnvironmentVariableA
GetFileAttributesA
DeleteFileA
GetModuleFileNameA
IsBadCodePtr
DeleteAtom
SuspendThread

user32

GetSysColor
IsWindow
GetWindowLongA
GetKeyState
GetWindowInfo
GetClassInfoA
DispatchMessageA
DispatchMessageA
DrawTextW
DestroyMenu
CallWindowProcW
GetClientRect
SetFocus

fwcfg

InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy