FLEngine[.]dll | Triage

Submit
Reports

Overview

overview

1

Static

static

1

FLEngine.dll

windows7-x64

1

FLEngine.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

FLEngine.dll

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

FLEngine.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

FLEngine.dll
Size

3.3MB
MD5

5d2dd06a6f03e59e779faef257e31292
SHA1

7200aa9b8edbd16ca6cc5a173b684d694c9ab07a
SHA256

8be8477dacfbd32f258cc8a3627b8f903d2ab773bdad4a057a7c0e4d12b42ab5
SHA512

2fb5364977e2b37c6bec13bb123352f793b7c85e3f3b91c87fa0bc9c5da1aa6e8f86bc56d9d3aacb2629743c61ab9f4840102d108dd5aa4e42e0ac418ec8e0c1
SSDEEP

98304:rwosFv/1tm23a5dmCt0wg0jxrJ6gLFLw:rbsFvttm23aSQ0qVEgLF

Score

1^/10

Malware Config

Signatures

Files

FLEngine.dll
.dll windows x86

ef0e504019d8ff875315c93f2739028d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW

kernel32

QueryPerformanceCounter
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW

Exports

Exports

CreateFruityInstance
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xda0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xda1
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy