33858d325fd8d24bbed14901a3e7b1a870aaa466d88770546461a75fda68d28b | Triage

Submit
Reports

Overview

overview

1

Static

static

33858d325f...8b.exe

windows7-x64

33858d325f...8b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

33858d325fd8d24bbed14901a3e7b1a870aaa466d88770546461a75fda68d28b.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

33858d325fd8d24bbed14901a3e7b1a870aaa466d88770546461a75fda68d28b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

33858d325fd8d24bbed14901a3e7b1a870aaa466d88770546461a75fda68d28b
Size

34KB
MD5

61b7772875c1669a6187d2936643b0f7
SHA1

07dc7b52f77038f0724fc22436c868c3dd5125f8
SHA256

33858d325fd8d24bbed14901a3e7b1a870aaa466d88770546461a75fda68d28b
SHA512

f1b19b4cbc8331c95afd284e9c6c18ea81a8b571b13d1860a661bc14f425f1186934c55ba37ab37960e728ce9247171d4824e8ed14aebb46d157add73e25e061
SSDEEP

768:IUehb4JiwUehb4JiwUehb4JiwUehb4Ji:Ib4Jiwb4Jiwb4Jiwb4Ji

Score

N/A

Malware Config

Signatures

Files

33858d325fd8d24bbed14901a3e7b1a870aaa466d88770546461a75fda68d28b
.exe windows x86

6f2eaea7ecc6a9de660465093fd56f6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmMapLockedPagesSpecifyCache
memset
IoDeleteSymbolicLink
RtlInitUnicodeString
IoDeleteDevice
RtlGetVersion
ZwSetValueKey
ZwClose
IofCompleteRequest
KeServiceDescriptorTable
IoCreateSymbolicLink
MmIsAddressValid
ObReferenceObjectByName
ExFreePoolWithTag
_wcsnicmp
strlen
swprintf
wcsrchr
ObReferenceObjectByHandle
ObfDereferenceObject
RtlMultiByteToUnicodeN
wcscpy
ZwOpenKey
IoGetCurrentProcess
PsLookupProcessByProcessId
ObReferenceObjectByPointer
PsGetThreadProcessId
ExAllocatePoolWithTag
IoCreateDevice
memcpy
_except_handler3

hal

KfRaiseIrql
KfLowerIrql

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 544B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 496B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 864B - Virtual size: 862B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 640B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy