c6c6225613061551abfff34b41d4e3561c2a84d9aefcfec6a3e8428fc0937651 | Triage

Submit
Reports

Overview

overview

1

Static

static

c6c6225613...51.exe

windows7-x64

c6c6225613...51.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c6c6225613061551abfff34b41d4e3561c2a84d9aefcfec6a3e8428fc0937651.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6c6225613061551abfff34b41d4e3561c2a84d9aefcfec6a3e8428fc0937651.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c6c6225613061551abfff34b41d4e3561c2a84d9aefcfec6a3e8428fc0937651
Size

26KB
MD5

4817df5dad453b68d5098ea9dbaf8994
SHA1

03ed91ad0c1f477362f40228cb528e7e77668d8f
SHA256

c6c6225613061551abfff34b41d4e3561c2a84d9aefcfec6a3e8428fc0937651
SHA512

ff10ddbba4af86626f67997b25f71f343db854c5d153d03f008900c23e3de4a359c101f4216dfafb8deedfbf79a581ed30752a7d4099e392e8ba0f5156d67267
SSDEEP

384:EzldHLGl8eWQxNhc5W/upc1cCgICMnZ7QAQnMlm2wAjh6+MN1ES/RpMZipvyQRkz:Ezl8Rhwu1VMbnWRYRGUq86EfJleJta

Score

N/A

Malware Config

Signatures

Files

c6c6225613061551abfff34b41d4e3561c2a84d9aefcfec6a3e8428fc0937651
.exe windows x86

e0469b82387126c9d976e628d5a2b8c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAnsiStringToUnicodeString
ZwClose
RtlInitUnicodeString
PsTerminateSystemThread
KeDelayExecutionThread
PsCreateSystemThread
swprintf
_stricmp
strncpy
PsLookupProcessByProcessId
ExAllocatePoolWithTag
KeInitializeTimer
IofCompleteRequest
ZwCreateFile
ZwSetValueKey
ZwOpenKey
ZwEnumerateKey
MmIsAddressValid
IoRegisterDriverReinitialization
PsGetVersion
_wcslwr
wcsncpy
ZwUnmapViewOfSection
PsSetCreateProcessNotifyRoutine
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
wcscat
wcscpy
ZwCreateKey
wcslen
strncmp
IoGetCurrentProcess
_wcsnicmp
_snprintf
ExFreePool
ZwQuerySystemInformation
ZwMapViewOfSection
ZwCreateSection
ZwOpenFile

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 960B - Virtual size: 958B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 640B - Virtual size: 622B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy