home

fc.exe

The executable fc.exe has been detected as malware by 3 anti-virus scanners. The file has been seen being downloaded from www.grc.com.
MD5:
b976a5ef4f2773e83957824673fe890c

SHA-1:
94958ffec3ad807025c109e7d7659fb8ea0e7743

SHA-256:
cb3bf9ebb2aca98a9bfa499425d8aedcc5e60eeaa8369dd0b67d888af3d072d2

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/5/2024 8:23:39 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/Pec1
7.1.1

Bkav FE
HW32.CDB
1.3.0.4923

Reason Heuristics
Unnamed.Threat.11
14.2.27.4

File size:
22.5 KB (23,040 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\gibson research\fc.exe

File PE Metadata
Compilation timestamp:
4/3/2000 9:33:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.2

CTPH (ssdeep):
384:R2ScHkR78W6R/9F2QGSenQsbEoIdWfj3QX+KSSz7zeXMxbSwi2w5pgfdzi2:R2S6kf6p9FJP4rQoI83YSu7zNGN

Entry address:
0xAF60

Entry point:
EB, 06, 68, 00, 10, 00, 00, C3, 9C, 60, E8, 02, 00, 00, 00, 33, C0, 8B, C4, 83, C0, 04, 93, 8B, E3, 8B, 5B, FC, 81, EB, 0F, 70, 40, 00, 87, DD, 8B, 85, A6, 70, 40, 00, 01, 85, 03, 70, 40, 00, 66, C7, 85, 00, 70, 40, 00, 90, 90, 01, 85, 9E, 70, 40, 00, BB, D2, 08, 00, 00, 03, 9D, AA, 70, 40, 00, 03, 9D, A6, 70, 40, 00, 53, 53, 53, 53, 58, 2D, 70, 70, 40, 00, 89, 85, 71, 70, 40, 00, 5F, 8D, B5, 70, 70, 40, 00, B9, 19, 02, 00, 00, F3, A5, 5F, C3, BD, 00, 00, 00, 00, 57, 5E, 83, C6, 42, 81, C7, 62, 08, 00, 00...
 
[+]

Entropy:
7.4877

Packer / compiler:
PECompact v1.4x+

Code size:
17.5 KB (17,920 bytes)

The file fc.exe has been seen being distributed by the following URL.

https://www.grc.com/.../fc.exe

Remove fc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.