fsx.exe
First submission 2024-10-18 05:42:32
File details
| File type: | PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows |
| Mime type: | application/x-dosexec |
| File size: | 984.38 KB (1008000 bytes) |
| Compile time: | 1970-01-01 01:00:00 |
| MD5: | 8faecf0135fa162d78bc48a48127a180 |
| SHA1: | 49776f52b4363de0f8c5c84149aff6111c94dfe6 |
| SHA256: | 48b648fee5b8a1ec514987c27efc66593ee120b6f44b9e083aab8dbfdb2f4afd |
| Sections 6 | .text��� .rdata�� .data��� .idata�� .reloc�� .symtab� |
| Directories 2 | import relocation |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://120.25.157.131/fsx.exe  |
120.25.157.131 |
2024-10-18 05:42:32 |
PE Sections 0 suspicious
| Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
|---|---|---|---|---|---|---|
| .text��� | 0x1000 | 0x42b372 | 4371456 | 6a3f437c92a585e1c2653478b834a3ebed066b00 | 9ccb0f935697bf3b4d090d09fe336aff | |
| .rdata�� | 0x42d000 | 0x4ccf18 | 5033984 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .data��� | 0x8fa000 | 0xbe470 | 349696 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .idata�� | 0x9b9000 | 0x47c | 1536 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .reloc�� | 0x9ba000 | 0x12744 | 75776 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e | |
| .symtab� | 0x9cd000 | 0x4 | 512 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | d41d8cd98f00b204e9800998ecf8427e |
Strings analysis - File found
| Library |
| L32.DLL |
| i32.dll |
| _32.dll |
| rof.dll |