c9bfd8172c384db3db3f87a0f5750a1513861fd9fa7f4cf2c4569e5da30f4867 | Triage

Submit
Reports

Overview

overview

1

Static

static

c9bfd8172c...67.exe

windows7-x64

c9bfd8172c...67.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c9bfd8172c384db3db3f87a0f5750a1513861fd9fa7f4cf2c4569e5da30f4867.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

c9bfd8172c384db3db3f87a0f5750a1513861fd9fa7f4cf2c4569e5da30f4867.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c9bfd8172c384db3db3f87a0f5750a1513861fd9fa7f4cf2c4569e5da30f4867
Size

16KB
MD5

609a085013049bce39565858b3c50f2b
SHA1

378185bf27110fedd3e9db5f899346dacdc2f1d3
SHA256

c9bfd8172c384db3db3f87a0f5750a1513861fd9fa7f4cf2c4569e5da30f4867
SHA512

507de4bf8e177a05fe1f145336accbb2e329a6b31376b38d9f0d70ae1cd87cf213662d869413608c442a4fa3dc3d482b0ddffbb724f00b83d6cc4cf5189dcfce
SSDEEP

384:mYTLQ7ARAgrKVx/g6MkkuyUUYJLWd6jfvboL8:V/QsCgj3E5LAmHbh

Score

N/A

Malware Config

Signatures

Files

c9bfd8172c384db3db3f87a0f5750a1513861fd9fa7f4cf2c4569e5da30f4867
.exe windows x86

e0d83a141882e5eae534e4216e81aca9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IoCreateSymbolicLink
KeInitializeMutex
IoCreateDevice
KeReleaseMutex
RtlCopyUnicodeString
ExAllocatePoolWithTag
RtlCompareUnicodeString
KeWaitForSingleObject
ExFreePoolWithTag
IofCompleteRequest
memcpy
ZwClose
ZwDeviceIoControlFile
ZwCreateFile
ZwFsControlFile
KeTickCount
KeBugCheckEx

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy