Confirm!![.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Confirm!!.exe

windows7-x64

Confirm!!.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Confirm!!.exe

Resource

win7-20221111-en

formbook he2a rat spyware stealer trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Confirm!!.exe

Resource

win10v2004-20220901-en

formbook he2a rat spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

Confirm!!.exe
Size

857KB
MD5

1955205499dfe38428db18133d0c6281
SHA1

293c44a29a18f99a06fa38ec8d746d1ff19778b3
SHA256

c104d364eec79cad7a9c9040ff30d46e6b2bf694b3c8f80130bb599345fc3d76
SHA512

80e01e276e50faff6fcc014f182ee78ac65c158ce36b39577243f5b6cbd7d68beff76195c423aaa27d5d9ec5ca40e8f0b8a99a3418730043c4152102aa2f5d9a
SSDEEP

12288:7t4ucOMtEwcU3gZ+GQzjkATGdsp2EHiTZikOFBUif634eG8BSGlhWBr:ZTcO6AAgZbQzlGs2qiOFBUHo8B5Ux

Score

N/A

Malware Config

Signatures

Files

Confirm!!.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 764KB - Virtual size: 763KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy