Static task
static1
Behavioral task
behavioral1
Sample
fabric-installer-0.7.3.exe
Resource
win7-20231020-en
General
Target
fabric-installer-0.7.3.exe
Size
407KB
MD5
fbfb2858df3a3ab47a42078a48fa2a80
SHA1
cdea23f5bf087d7d15ca4ea4463501c925d3b228
SHA256
7dc880f8a05ae721e6eb493b6af44fd260b3d1384975a397c12f9ee21d5c5483
SHA512
a79434ff7b65d799f74e93bf540d5cca3fbc65f48e692a0e96380ce1e6a8341ac9491d2ef3d594db25e9275f72605ce7fd755310cb8bf6c35c11f8674034a3ca
SSDEEP
6144:4s96YoB6UBylNUXJW07KJQEho3sCSbHhet+bVayfC2sTNUdz9y8E+4syabpAx:4NYoBBBj0J1h5eEbVZCRTa3rf+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fabric-installer-0.7.3.exe
Files
fabric-installer-0.7.3.exe.exe windows:6 windows x86
e5a22a9524bef600d0fd3f2a9e1c696e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SystemFunction036
kernel32
TryEnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CloseHandle
FreeEnvironmentStringsW
FindClose
ReleaseMutex
TlsSetValue
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
GetProcAddress
SetLastError
GetCurrentDirectoryW
GetLastError
GetEnvironmentStringsW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCommandLineW
WriteFile
FlushFileBuffers
DuplicateHandle
SetFilePointerEx
EnterCriticalSection
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
GetCurrentProcessId
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
HeapFree
TlsAlloc
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
AddVectoredExceptionHandler
SetThreadStackGuarantee
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
TlsGetValue
GetStdHandle
FindNextFileW
CreateFileW
GetFileInformationByHandle
DeviceIoControl
DeleteCriticalSection
GetModuleHandleW
FormatMessageW
GetModuleFileNameW
ExitProcess
CreateProcessW
CreateNamedPipeW
GetModuleHandleA
GetConsoleMode
WriteConsoleW
GetConsoleOutputCP
HeapSize
LCMapStringW
CompareStringW
GetStringTypeW
GetFileType
SetStdHandle
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetCommandLineA
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
TlsFree
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlUnwind
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
DecodePointer
ole32
CoUninitialize
CoInitializeEx
shell32
ShellExecuteW
user32
MessageBoxW
Sections
.text Size: 196KB - Virtual size: 195KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ