50951cebd25b44101feab7982762ff341e2363c92cb8c697c96af82285d8c91b | Triage

Submit
Reports

Overview

overview

1

Static

static

50951cebd2...1b.exe

windows7-x64

50951cebd2...1b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

50951cebd25b44101feab7982762ff341e2363c92cb8c697c96af82285d8c91b.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

50951cebd25b44101feab7982762ff341e2363c92cb8c697c96af82285d8c91b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

50951cebd25b44101feab7982762ff341e2363c92cb8c697c96af82285d8c91b
Size

7KB
MD5

28c06c2729e04ac29995585a9a9420b0
SHA1

f0317696eeb5e54d04d66400998f0b59fe80294e
SHA256

50951cebd25b44101feab7982762ff341e2363c92cb8c697c96af82285d8c91b
SHA512

427529cc23171ffc8f0b169f9a0d43c5352a66d6987815916ab20dbe24ebad737004a6defaf98cfc37868dc9108cc4beb53ecb6b76c24871d2c418dc1c43da61
SSDEEP

96:VZwa51s/0wa/Bhh6f1Jxac9NulHxKwSXkXTS3npOe:VWf0pdg1JVNuKwckDUpt

Score

N/A

Malware Config

Signatures

Files

50951cebd25b44101feab7982762ff341e2363c92cb8c697c96af82285d8c91b
.exe windows x86

df8e3788c19763075302a8859e830225

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
KeGetCurrentThread
IoAllocateIrp
KeInitializeEvent
IoGetRelatedDeviceObject
DbgPrint
ExFreePool
ZwQuerySystemInformation
KeSetEvent
KeUnstackDetachProcess
ZwClose
KeStackAttachProcess
PsLookupProcessByProcessId
MmIsAddressValid
PsGetCurrentProcessId
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
ObfDereferenceObject
ObReferenceObjectByHandle
IoCreateSymbolicLink
IoCreateDevice
MmFlushImageSection
_except_handler3
IoFreeIrp
ExAllocatePoolWithTag
IofCompleteRequest

hal

KfLowerIrql
KeRaiseIrqlToDpcLevel

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 896B - Virtual size: 836B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 384B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy