c1ad7842e19b29565ca5e3680f8c3418d799a33baa786bc96927a3c86f9866df | Triage

Submit
Reports

Overview

overview

1

Static

static

c1ad7842e1...df.exe

windows7-x64

c1ad7842e1...df.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c1ad7842e19b29565ca5e3680f8c3418d799a33baa786bc96927a3c86f9866df.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

c1ad7842e19b29565ca5e3680f8c3418d799a33baa786bc96927a3c86f9866df.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c1ad7842e19b29565ca5e3680f8c3418d799a33baa786bc96927a3c86f9866df
Size

29KB
MD5

aa9c22bb11e38d4dc3204003d5f6f7c2
SHA1

dcf3a5af7a58821cc45f0555a22c5e50a3a06771
SHA256

c1ad7842e19b29565ca5e3680f8c3418d799a33baa786bc96927a3c86f9866df
SHA512

94e350b285bad3662e1bc823675f1369de6775d715df554ee7a052d1e9f5b4b5045b8fffdecb7410ddf50ced034d02e0ad36cad7a97ea24b7a40ea4c600cbccb
SSDEEP

768:BbOsShNHThI/OzEORCApWXfLGWuFekbHYyRUeND1Tqn:7SrTqOoxApkfLaPYZeN4

Score

N/A

Malware Config

Signatures

Files

c1ad7842e19b29565ca5e3680f8c3418d799a33baa786bc96927a3c86f9866df
.exe windows x86

d8f929382514ff2e2d1b90644ca12d60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_strnicmp
ExFreePool
ExAllocatePoolWithTag
RtlInitUnicodeString
wcslen
ObfDereferenceObject
ObQueryNameString
ZwUnmapViewOfSection
swprintf
wcscat
wcscpy
_stricmp
strncpy
ZwMapViewOfSection
ZwCreateSection
_wcsnicmp
RtlCopyUnicodeString
_snprintf
MmGetSystemRoutineAddress
_except_handler3
strncmp
RtlAnsiStringToUnicodeString

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 544B - Virtual size: 530B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy